NotCVE - vendor:"Zoho" product:"Salesiq" version:" <= 1.0.8"

4 results (0.004 seconds)

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-15644 – Zoho SalesIQ <= 1.0.8 - Stored Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2019-15644

31 May 2019 — The zoho-salesiq plugin before 1.0.9 for WordPress has stored XSS. El plugin zoho-salesiq versiones anteriores a 1.0.9 para WordPress, tiene una vulnerabilidad de tipo XSS almacenado. • https://wordpress.org/plugins/zoho-salesiq/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-15645 – Zoho SalesIQ <= 1.0.8 - Cross-Site Request Forgery

https://notcve.org/view.php?id=CVE-2019-15645

31 May 2019 — The zoho-salesiq plugin before 1.0.9 for WordPress has CSRF. El plugin zoho-salesiq versiones anteriores a 1.0.9 para WordPress, tiene una vulnerabilidad de tipo CSRF. • https://wordpress.org/plugins/zoho-salesiq/#developers • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-5962 – Zoho SalesIQ <= 1.0.8 - Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2019-5962

31 May 2019 — Cross-site scripting vulnerability in Zoho SalesIQ 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Una vulnerabilidad de tipo cross-site-scripting (XSS) en Zoho SalesIQ versión 1.0.8 y anteriores, permite a los atacantes remotos inyectar script web o HTML arbitrario por medio de vectores no especificados. • https://jvn.jp/en/jp/JVN88962935/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-5963 – Zoho SalesIQ <= 1.0.8 - Cross-Site Request Forgery

https://notcve.org/view.php?id=CVE-2019-5963

31 May 2019 — Cross-site request forgery (CSRF) vulnerability in Zoho SalesIQ 1.0.8 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. Una vulnerabilidad de tipo cross-site request forgery (CSRF) en Zoho SalesIQ versión 1.0.8 y anteriores, permite a los atacantes remotos secuestrar la autenticación de administradores por medio de vectores no especificados. • https://jvn.jp/en/jp/JVN88962935/index.html • CWE-352: Cross-Site Request Forgery (CSRF) •