CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0CVE-2021-22523
https://notcve.org/view.php?id=CVE-2021-22523
XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and earlier versions. The vulnerability could allow the control of web browser and hijacking user sessions. Una vulnerabilidad detipo XML External Entity en Micro Focus Verastream Host Integrator, que afecta a versión 7.8 Update 1 y versiones anteriores. La vulnerabilidad podría permitir el control del navegador web y el secuestro de las sesiones de usuarios • https://support.microfocus.com/kb/doc.php?id=7025169 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2021-22522
https://notcve.org/view.php?id=CVE-2021-22522
Reflected Cross-Site Scripting vulnerability in Micro Focus Verastream Host Integrator, affecting version version 7.8 Update 1 and earlier versions. The vulnerability could allow disclosure of confidential data. Una vulnerabilidad de tipo Cross-Site Scripting Reflejado en Micro Focus Verastream Host Integrator, que afecta a versión 7.8 Update 1 y versiones anteriores. La vulnerabilidad podría permitir una divulgación de datos confidenciales • https://support.microfocus.com/kb/doc.php?id=7025169 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-11842
https://notcve.org/view.php?id=CVE-2020-11842
Information disclosure vulnerability in Micro Focus Verastream Host Integrator (VHI) product, affecting versions earlier than 7.8 Update 1 (7.8.49 or 7.8.0.49). The vulnerability allows an unauthenticated attackers to view information they may not have been authorized to view. Una vulnerabilidad de divulgación de Información en el producto Micro Focus Verastream Host Integrator (VHI), afectando a las versiones anteriores a la versión 7.8 Update 1 (7.8.49 o 7.8.0.49). La vulnerabilidad permite a un atacante no autenticado ver información que puede no haber sido autorizada para visualizar. • https://support.microfocus.com/kb/doc.php?id=7024567 •
CVSS: 8.6EPSS: 0%CPEs: 9EXPL: 0CVE-2019-11654 – A path traversal vulnerability has been identified in Verastream Host Integrator
https://notcve.org/view.php?id=CVE-2019-11654
Path traversal vulnerability in Micro Focus Verastream Host Integrator (VHI), versions 7.7 SP2 and earlier, The vulnerability allows remote unauthenticated attackers to read arbitrary files. Vulnerabilidad transversal de ruta en Micro Focus Verastream Host Integrator (VHI), versiones 7.7 SP2 y anteriores. La vulnerabilidad permite a atacantes remotos no autenticados leer archivos arbitrarios. • https://support.microfocus.com/kb/doc.php?id=7024061 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •