CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-46785
https://notcve.org/view.php?id=CVE-2022-46785
SquaredUp Dashboard Server SCOM edition before 5.7.1 GA allows XSS (issue 1 of 2). • https://scomsupport.squaredup.com/hc/en-us/articles/9476404119197-CVE-2022-46785-Prototype-pollution-leading-to-XSS • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2022-46786
https://notcve.org/view.php?id=CVE-2022-46786
SquaredUp Dashboard Server SCOM edition before 5.7.1 GA allows XSS (issue 2 of 2). • https://scomsupport.squaredup.com/hc/en-us/articles/9476419759005-CVE-2022-46786-Stored-Cross-Site-Scripting https://support.squaredup.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-46784
https://notcve.org/view.php?id=CVE-2022-46784
SquaredUp Dashboard Server SCOM edition before 5.7.1 GA allows open redirection. (The issue was originally found in 5.5.1 GA.) • https://scomsupport.squaredup.com/hc/en-us/articles/9476404091677-CVE-2022-46784-Client-side-open-redirection • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-6516
https://notcve.org/view.php?id=CVE-2019-6516
An issue was discovered in WSO2 Dashboard Server 2.0.0. It is possible to force the application to perform requests to the internal workstation (port-scanning) and to perform requests to adjacent workstations (network-scanning), aka SSRF. Se ha descubierto un problema en WSO2 Dashboard Server versión 2.0.0. Es posible forzar a la aplicación a ejecutar peticiones a la estación de trabajo interna (escaneo de puertos) y realizar peticiones a estaciones de trabajo adyacentes (escaneo de red), también se conoce como SSRF. • https://wso2.com/security-patch-releases/dashboard-server https://www.excellium-services.com/cert-xlm-advisory • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-6514
https://notcve.org/view.php?id=CVE-2019-6514
An issue was discovered in WSO2 Dashboard Server 2.0.0. It is possible to inject a JavaScript payload that will be stored in the database and then displayed and executed on the same page, aka XSS. Se descubriò un problema en WSO2 Dashboard Server versión 2.0.0. Es posible ingresar una carga de JavaScript que se almacenará en la base de datos y luego se mostrará y ejecutará en la misma página, también se conoce como una vulnerabilidad de tipo Cross-Site Scripting (XSS). • https://wso2.com/security-patch-releases/dashboard-server https://www.excellium-services.com/cert-xlm-advisory • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •