CVE-2018-6495 – MFSBGN03808 rev.1 - Micro Focus UCMDB, Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-6495
Cross-Site Scripting (XSS) in Micro Focus Universal CMDB, version 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0, CMS, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1 and Micro Focus UCMDB Browser, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1. This vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). Cross-Site Scripting (XSS) en Micro Focus Universal CMDB, versiones 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33 y 11.0; CMS, versiones 4.10, 4.11, 4.12, 4.13, 4.14 y 4.15.1 y Micro Focus UCMDB Browser, versiones 4.10, 4.11, 4.12, 4.13, 4.14 y 4.15.1. La vulnerabilidad se podría explotar de forma remota para permitir que se produzca Cross-Site Scripting (XSS). • http://www.securitytracker.com/id/1040970 https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03164778 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-6487 – MFSBGN03799 rev.1 - Micro Focus UCMDB, Remote Disclosure of Information
https://notcve.org/view.php?id=CVE-2018-6487
Remote Disclosure of Information in Micro Focus Universal CMDB Foundation Software, version numbers 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 4.10, 4.11. This vulnerability could be remotely exploited to allow disclosure of information. Divulgación remota de información en Micro Focus Universal CMDB Foundation Software, versiones 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 4.10, 4.11. La vulnerabilidad se podría explotar de forma remota para permitir la divulgación de información. • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03091097 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •