RSS   Vulnerabilities for 'Web access'   RSS

2014-12-10
 
CVE-2014-9360

CWE-Other
 

 
XML external entity (XXE) vulnerability in Scalix Web Access 11.4.6.12377 and 12.2.0.14697 allows remote attackers to read arbitrary files and trigger requests to intranet servers via a crafted request.

 
2014-12-09
 
CVE-2014-9352

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in the mail administration login panel in Scalix Web Access 11.4.6.12377 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

 


Copyright 2024, cxsecurity.com

 

Back to Top