12 results (0.003 seconds)

CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0

Cross-site scripting (XSS) vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en EMC RSA Archer GRC Platform 5.x anterior a 5.5.1.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://archives.neohapsis.com/archives/bugtraq/2014-12/0073.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer 5.x before GRC 5.4 SP1 P3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de XSS en EMC RSA Archer 5.x anterior a GRC 5.4 SP1 P3 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://archives.neohapsis.com/archives/bugtraq/2014-05/0134.html http://packetstormsecurity.com/files/126788/RSA-Archer-GRC-Cross-Site-Scripting.html http://www.securityfocus.com/bid/67602 http://www.securitytracker.com/id/1030281 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer GRC 5.x before 5.4 SP1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades cross-site scripting (XSS) en EMC RSAArcher GRC 5.x anteriores a 5.4 SP1 permite a atacantes remotos inyectar script web o HTML de forma arbitraria a través de vectores no especificados. • http://archives.neohapsis.com/archives/bugtraq/2013-12/0120.html http://www.securitytracker.com/id/1029523 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.0EPSS: 0%CPEs: 4EXPL: 0

EMC RSA Archer GRC 5.x before 5.4 allows remote authenticated users to bypass intended access restrictions and complete a login by leveraging a deactivated account. EMC RSA Archer GRC v5.x anterior a v5.4 permite a usuarios remotos autenticados eludir las restricciones de acceso previstas y completar un inicio de sesión mediante el aprovechamiento de una cuenta desactivada. • http://archives.neohapsis.com/archives/bugtraq/2013-09/0013.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.8EPSS: 0%CPEs: 4EXPL: 0

Open redirect vulnerability in EMC RSA Archer GRC 5.x before 5.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. Vulnerabilidad de redirección abierta en EMC RSA Archer GRC v5.x anterior a v5.4 permite a atacantes remotos para redirigir a los usuarios a sitios web arbitrarios y llevar a cabo ataques de phishing a través de vectores no especificados. • http://archives.neohapsis.com/archives/bugtraq/2013-09/0013.html • CWE-20: Improper Input Validation •