CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2019-11649 – KM03461174 Micro Focus Fortify Software Security Center Server, CVE-2019-11649
https://notcve.org/view.php?id=CVE-2019-11649
Cross-Site Scripting vulnerability in Micro Focus Fortify Software Security Center Server, versions 17.2, 18.1, 18.2, has been identified in Micro Focus Software Security Center. The vulnerability could be exploited to execute JavaScript code in user’s browser. The vulnerability could be exploited to execute JavaScript code in user’s browser. La vulnerabilidad de secuencias de comandos entre sitios en Micro Focus Fortify Software Security Center Server, versiones 17.2, 18.1, 18.2, se ha identificado en Micro Focus Software Security Center. La vulnerabilidad podría explotarse para ejecutar código JavaScript en el navegador del usuario. • https://softwaresupport.softwaregrp.com/doc/KM03461174 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2CVE-2018-7691 – MFSBGN03835 rev.1 - Fortify Software Security Center (SSC), Remote Unauthorized Access
https://notcve.org/view.php?id=CVE-2018-7691
A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access Un potencial acceso remoto no autorizado en Micro Focus Fortify Software Security Center (SSC) 17.10, 17.20 y 18.10 podría permitir el acceso remoto no autorizado. Fortify Software Security Center versions 17.10, 17.20, and 18.10 suffer from an insecure direct object reference vulnerability related to extracting local and ldap users. • https://www.exploit-db.com/exploits/45990 https://github.com/alt3kx/CVE-2018-7691 https://softwaresupport.softwaregrp.com/doc/KM03298201 •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2CVE-2018-7690 – MFSBGN03835 rev.1 - Fortify Software Security Center (SSC), Remote Unauthorized Access
https://notcve.org/view.php?id=CVE-2018-7690
A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access Un potencial acceso remoto no autorizado en Micro Focus Fortify Software Security Center (SSC) 17.10, 17.20 y 18.10 podría permitir el acceso remoto no autorizado. Fortify Software Security Center versions 17.10, 17.20, and 18.10 suffer from an insecure direct object reference vulnerability related to user projects. • https://www.exploit-db.com/exploits/45989 https://github.com/alt3kx/CVE-2018-7690 https://softwaresupport.softwaregrp.com/doc/KM03298201 •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-6486 – MFSBGN03797 rev.1 - Micro Focus Fortify Audit Workbench (AWB) and Micro Focus Fortify Software Security Center (SSC), XML External Entity Injection
https://notcve.org/view.php?id=CVE-2018-6486
XML External Entity (XXE) vulnerability in Micro Focus Fortify Audit Workbench (AWB) and Micro Focus Fortify Software Security Center (SSC), versions 16.10, 16.20, 17.10. This vulnerability could be exploited to allow a XML External Entity (XXE) injection. Vulnerabilidad XEE (XML External Entity) en Micro Focus Fortify Audit Workbench (AWB) y Micro Focus Fortify Software Security Center (SSC), versiones 16.10, 16.20 y 17.10. Esta vulnerabilidad podría ser explotada para permitir inyección XEE (XML External Entity). • http://www.securityfocus.com/bid/102902 https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03083653 • CWE-611: Improper Restriction of XML External Entity Reference •