NotCVE - vendor:"Eramba" product:"Eramba" version:"e1.0.6.033"

4 results (0.009 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

CVE-2018-7996

https://notcve.org/view.php?id=CVE-2018-7996

Eramba e1.0.6.033 has Stored XSS on the tooltip box via the /programScopes description parameter. Eramba e1.0.6.033 tiene Cross-Site Scripting (XSS) persistente en el cuadro tooltip mediante el parámetro /programScopes. • https://medium.com/stolabs/security-issues-on-eramba-cf887bc0a069 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

CVE-2018-7997

https://notcve.org/view.php?id=CVE-2018-7997

Eramba e1.0.6.033 has Reflected XSS on the Error page of the CSV file inclusion tab of the /importTool/preview URI, with a CSV file polluted with malicious JavaScript. Eramba e1.0.6.033 tiene Cross-Site Scripting (XSS) reflejado en la página de error de las pestaña de inclusión de archivos CSV del URI /importTool/preview, con un archivo CSV contaminado con JavaScript malicioso. • https://medium.com/stolabs/security-issues-on-eramba-cf887bc0a069 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

CVE-2018-7894

https://notcve.org/view.php?id=CVE-2018-7894

Eramba e1.0.6.033 has Reflected XSS in reviews/filterIndex/ThirdPartyRiskReview via the advanced_filter parameter (aka the Search Parameter). Eramba e1.0.6.033 tiene Cross-Site Scripting (XSS) reflejado en reviews/filterIndex/ThirdPartyRiskReview mediante el parámetro advanced_filter (también conocido como parámetro de búsqueda). • https://medium.com/stolabs/security-issues-on-eramba-cf887bc0a069 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

CVE-2018-7741

https://notcve.org/view.php?id=CVE-2018-7741

Eramba e1.0.6.033 has Reflected XSS in the Date Filter via the created parameter to the /crons URI. Eramba e1.0.6.033 tiene Cross-Site Scripting (XSS) reflejado en Date Filter mediante el parámetro created en el URI /crons. • https://medium.com/stolabs/security-issues-on-eramba-cf887bc0a069 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •