CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24469
https://notcve.org/view.php?id=CVE-2023-24469
13 Jun 2023 — Potential Cross-Site Scripting in ArcSight Logger versions prior to 7.3.0 • https://portal.microfocus.com/s/article/KM000018224?language=en_US%2C • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24470
https://notcve.org/view.php?id=CVE-2023-24470
13 Jun 2023 — Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0. • https://portal.microfocus.com/s/article/KM000018224?language=en_US • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26331 – Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Self Cross-Site Scripting (XSS).
https://notcve.org/view.php?id=CVE-2022-26331
31 Aug 2022 — Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions. Se han identificado posibles vulnerabilidades en Micro Focus ArcSight Logger. Las vulnerabilidades podrían ser explotadas de forma remota dando lugar a una Divulgación de Información, o ataques de tipo Cross-Sit... • https://portal.microfocus.com/s/article/KM000010167?language=en_US • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26330 – Potential vulnerability has been identified in Micro Focus ArcSight Logger. The vulnerability could be remotely exploited resulting in Information Disclosure.
https://notcve.org/view.php?id=CVE-2022-26330
31 Aug 2022 — Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions. Se han identificado posibles vulnerabilidades en Micro Focus ArcSight Logger. Las vulnerabilidades podrían explotarse de forma remota, resultando en una Divulgación de Información o ataques de tipo Cross-Site Sc... • https://portal.microfocus.com/s/article/KM000010167?language=en_US •
CVSS: 9.8EPSS: 9%CPEs: 1EXPL: 1CVE-2020-11851
https://notcve.org/view.php?id=CVE-2020-11851
17 Nov 2020 — Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in the execution of arbitrary code. Una vulnerabilidad de ejecución de código arbitraria en el producto Micro Focus ArcSight Logger, afectando a todas las versiones anteriores a 7.1.1. La vulnerabilidad podría ser explotada remotamente resultando en una ejecución de código arbitraria • https://github.com/ch1nghz/CVE-2020-11851 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-11860
https://notcve.org/view.php?id=CVE-2020-11860
17 Nov 2020 — Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS) Una vulnerabilidad de tipo Cross-Site Scripting en el producto Micro Focus ArcSight Logger, que afecta a todas las versiones anteriores a 7.1.1. La vulnerabilidad podría ser explotada remotamente resultando en una vulnerabilidad de tipo Cross-Site Scripting (XSS) • https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25834
https://notcve.org/view.php?id=CVE-2020-25834
17 Nov 2020 — Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS). Una vulnerabilidad de tipo Cross-Site Scripting en el producto Micro Focus ArcSight Logger, afectando a versión 7.1. La vulnerabilidad podría ser explotada remotamente resultando en una vulnerabilidad de tipo Cross-Site Scripting (XSS) • https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11657
https://notcve.org/view.php?id=CVE-2019-11657
17 Dec 2019 — Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. The vulnerability could be exploited to perform CSRF attack. Vulnerabilidad de tipo Cross-Site Request Forgery en todo Micro Focus ArcSight Logger afectando a todas las versiones del producto por debajo de la versión 7.0. La vulnerabilidad podría ser explotada para lleva a cabo un ataque de tipo CSRF. • https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-0/ta-p/2750305?attachment-id=76910 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2019-11656
https://notcve.org/view.php?id=CVE-2019-11656
04 Oct 2019 — Stored XSS vulnerability in Micro Focus ArcSight Logger, affects versions prior to Logger 6.7.1 HotFix 6.7.1.8262.0. This vulnerability could allow Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). Una vulnerabilidad de tipo XSS almacenado en Micro Focus ArcSight Logger afecta las versiones anteriores a Logger versión 6.7.1 HotFix versión 6.7.1.8262.0. Esta vulnerabilidad podría permitir la Neutralización Inapropiada de la Entrada Durante la Generación de Páginas Web ("Cr... • https://community.microfocus.com/t5/ArcSight-Announcements/ArcSight-Logger-Fix-for-Security-Vulnerability/td-p/2699569 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3485 – ArcSight Logger stored cross site script issue in version prior to 6.7.1
https://notcve.org/view.php?id=CVE-2019-3485
24 Jul 2019 — Mitigates a stored cross site scripting issue in ArcSight Logger versions prior to 6.7.1 Mitiga un problema de Cross-Site Scripting (XSS) persistente en ArcSight Logger, en versiones anteriores a la 6.7.1. • http://www.securityfocus.com/bid/109363 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •