6 results (0.015 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting (XSS) vulnerability in the Case Management application in EMC RSA Adaptive Authentication (On-Premise) before 6.0.2.1.SP3.P4 HF210, 7.0.x and 7.1.x before 7.1.0.0.SP0.P6 HF50, and 7.2.x before 7.2.0.0.SP0.P0 HF20 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en la aplicación Case Management en EMC RSA Adaptive Authentication (On-Premise) en versiones anteriores a 6.0.2.1.SP3.P4 HF210, 7.0.x y 7.1.x en versiones anteriores a 7.1.0.0.SP0.P6 HF50 y 7.2.x en versiones anteriores a 7.2.0.0.SP0.P0 HF20 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://seclists.org/bugtraq/2016/Sep/33 http://www.securityfocus.com/bid/93025 http://www.securitytracker.com/id/1036851 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0

Cross-site scripting (XSS) vulnerability in RSA Adaptive Authentication (On-Premise) 6.x and 7.x before 7.1 SP0 P2 allows remote attackers to inject arbitrary web script or HTML via vectors involving FRAME elements, related to a "cross-frame scripting" issue. Vulnerabilidad de XSS en RSA Adaptive Authentication (On-Premise) 6.x y 7.x anterior a 7.1 SP0 P2 permite a atacantes remotos inyectar script Web o HTML arbitrarios a través de vectores involucrando elementos FRAME, relacionado con un problema de "cross-frame scripting". • http://archives.neohapsis.com/archives/bugtraq/2014-04/0007.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0

Cross-site scripting (XSS) vulnerability in the back-office case-management application in RSA Adaptive Authentication (On-Premise) 6.x and 7.x before 7.1 SP0 P2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en la aplicación back-office case-management en RSA Adaptive Authentication (On-Premise) 6.x y 7.x anterior a 7.1 SP0 P2 permite a usuarios remotos autenticados inyectar script Web o HTML arbitrarios a través de vectores no especificados. • http://archives.neohapsis.com/archives/bugtraq/2014-04/0007.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 12EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Adaptive Authentication On-Premise (AAOP) before 7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en EMC RSA Adaptive Authentication On-Premise (AAOP) antes de v7.0, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://archives.neohapsis.com/archives/bugtraq/2012-11/0096.html http://osvdb.org/87876 http://packetstormsecurity.com/files/118381/RSA-Adaptive-Authentication-On-Premise-6.x-XSS.html http://secunia.com/advisories/51394 http://www.securityfocus.com/bid/56699 http://www.securitytracker.com/id?1027811 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 2.9EPSS: 0%CPEs: 11EXPL: 0

Unspecified vulnerability in EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 before SP3 P3 allows remote attackers to obtain sensitive information via unknown vectors. Vulnerabilidad no especificada en EMC RSA Adaptive Authentication On-Premise (AAOP) v6.0.2.1 antes de SP3 P3, permite a atacantes remotos obtener información sensible a través de vectores desconocidos • http://archives.neohapsis.com/archives/bugtraq/2012-10/0036.html http://www.securityfocus.com/bid/55842 •