CVE-2013-7371
https://notcve.org/view.php?id=CVE-2013-7371
node-connects before 2.8.2 has cross site scripting in Sencha Labs Connect middleware (vulnerability due to incomplete fix for CVE-2013-7370) node-connects versiones anteriores a 2.8.2, presenta una vulnerabilidad de tipo cross site scripting en el middleware de Sencha Labs Connect (vulnerabilidad debido a una corrección incompleta para el CVE-2013-7370) • http://www.openwall.com/lists/oss-security/2014/04/21/2 http://www.openwall.com/lists/oss-security/2014/05/13/1 https://access.redhat.com/security/cve/cve-2013-7371 https://exchange.xforce.ibmcloud.com/vulnerabilities/92710 https://nodesecurity.io/advisories/methodOverride_Middleware_Reflected_Cross-Site_Scripting https://security-tracker.debian.org/tracker/CVE-2013-7371 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2013-7370
https://notcve.org/view.php?id=CVE-2013-7370
node-connect before 2.8.1 has XSS in the Sencha Labs Connect middleware node-connect versiones anteriores a 2.8.1, presenta una vulnerabilidad de tipo XSS en el middleware Sencha Labs Connect. • http://www.openwall.com/lists/oss-security/2014/04/21/2 http://www.openwall.com/lists/oss-security/2014/05/13/1 https://access.redhat.com/security/cve/cve-2013-7370 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7370 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-7370 https://nodesecurity.io/advisories/methodOverride_Middleware_Reflected_Cross-Site_Scripting https://security-tracker.debian.org/tracker/CVE-2013-7370 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-19718
https://notcve.org/view.php?id=CVE-2018-19718
Adobe Connect versions 9.8.1 and earlier have a session token exposure vulnerability. Successful exploitation could lead to exposure of the privileges granted to a session. Adobe Connect, en versiones 9.8.1 y anteriores, tiene una vulnerabilidad de exposición de token de sesión. Su explotación con éxito podría provocar la exposición de privilegios ortogados a una sesión. • http://www.securityfocus.com/bid/106469 https://helpx.adobe.com/security/products/connect/apsb19-05.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2018-12805
https://notcve.org/view.php?id=CVE-2018-12805
Adobe Connect versions 9.7.5 and earlier have an Insecure Library Loading vulnerability. Successful exploitation could lead to privilege escalation. Adobe Connect, en versiones 9.7.5 y anteriores, tiene una vulnerabilidad de carga insegura de bibliotecas. Su explotación con éxito podría conducir al escalado de privilegios. • http://www.securityfocus.com/bid/104696 https://helpx.adobe.com/security/products/connect/apsb18-22.html • CWE-427: Uncontrolled Search Path Element •
CVE-2018-12804
https://notcve.org/view.php?id=CVE-2018-12804
Adobe Connect versions 9.7.5 and earlier have an Authentication Bypass vulnerability. Successful exploitation could lead to session hijacking. Adobe Connect, en versiones 9.7.5 y anteriores, tiene una vulnerabilidad de omisión de autenticación. Su explotación con éxito podría resultar en un secuestro de sesión. • http://www.securityfocus.com/bid/104697 http://www.securitytracker.com/id/1041264 https://helpx.adobe.com/security/products/connect/apsb18-22.html • CWE-287: Improper Authentication •