RSS   Vulnerabilities for 'Keysight database connector'   RSS

2020-12-15
 
CVE-2020-35122

CWE-89
 

 
An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could bypass the access controls for using a saved database connection profile to submit arbitrary SQL against a saved database connection.

 
 
CVE-2020-35121

CWE-94
 

 
An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could insert arbitrary JavaScript into saved macro parameters that would execute when a user viewed a page with that instance of the macro.

 

 >>> Vendor: Keysight 2 Products
Keysight database connector
Database connector


Copyright 2024, cxsecurity.com

 

Back to Top