24 results (0.004 seconds)

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 1

Cleartext transmission of sensitive information in Agora Video SDK prior to 3.1 allows a remote attacker to obtain access to audio and video of any ongoing Agora video call through observation of cleartext network traffic. La transmisión en texto sin cifrar de información confidencial en Agora Video SDK anterior a versión 3.1, permite a un atacante remoto obtener acceso al audio y video de cualquier videollamada de Agora en curso mediante la observación del tráfico de red en texto sin cifrar • https://docs.agora.io/en/Agora%20Platform/downloads https://www.mcafee.com/blogs/other-blogs/mcafee-labs/dont-call-us-well-call-you-mcafee-atr-finds-vulnerability-in-agora-video-sdk • CWE-319: Cleartext Transmission of Sensitive Information •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

XSS in Agora-Project 3.2.2 exists with an index.php?disconnect=1&msgNotif[]=[XSS] attack. Vulnerabilidad de XSS en Agora-Project 3.2.2 existe con un ataque index.php?disconnect=1&msgNotif[]=[XSS]. • http://www.securityfocus.com/bid/96940 https://packetstormsecurity.com/files/141507/Agora-Project-3.2.2-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=file&targetObjId=fileFolder-2&targetObjIdChild=[XSS] attack. Vulnerabilidad de XSS en Agora-Project 3.2.2 existe con un ataque index.php?ctrl=file&targetObjId=fileFolder-2&targetObjIdChild=[XSS]. • http://www.securityfocus.com/bid/96940 https://packetstormsecurity.com/files/141507/Agora-Project-3.2.2-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=object&action=[XSS] attack. Vulnerabilidad de XSS en Agora-Project 3.2.2 existe con un ataque index.php?ctrl=object&action=[XSS]. • http://www.securityfocus.com/bid/96940 https://packetstormsecurity.com/files/141507/Agora-Project-3.2.2-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=misc&action=[XSS]&editObjId=[XSS] attack. Vulnerabilidad de XSS en Agora-Project 3.2.2 existe con un ataque index.php?ctrl=misc&action=[XSS]&editObjId=[XSS]. • http://www.securityfocus.com/bid/96940 https://packetstormsecurity.com/files/141507/Agora-Project-3.2.2-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •