RSS   Vulnerabilities for 'Epm suite'   RSS

2013-08-28
 
CVE-2013-3584

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in Corporater EPM Suite allows remote attackers to inject arbitrary web script or HTML via the customerId parameter to an unspecified component.

 
 
CVE-2013-3583

CWE-352
 

 
Cross-site request forgery (CSRF) vulnerability in saveProperties.html in Corporater EPM Suite allows remote attackers to hijack the authentication of arbitrary users for requests that change passwords.

 


Copyright 2024, cxsecurity.com

 

Back to Top