RSS   Podatności dla 'Saint security suite'   RSS

2020-08-10
 
CVE-2020-16278

CWE-79
 

 
A cross-site scripting (XSS) vulnerability in the Permissions component in SAINT Security Suite 8.0 through 9.8.20 could allow arbitrary script to run in the context of a logged-in user when the user clicks on a specially crafted link.

 
 
CVE-2020-16277

CWE-89
 

 
An SQL injection vulnerability in the Analytics component of SAINT Security Suite 8.0 through 9.8.20 allows a remote, authenticated attacker to gain unauthorized access to the database.

 
 
CVE-2020-16276

CWE-89
 

 
An SQL injection vulnerability in the Assets component of SAINT Security Suite 8.0 through 9.8.20 allows a remote, authenticated attacker to gain unauthorized access to the database.

 
 
CVE-2020-16275

CWE-79
 

 
A cross-site scripting (XSS) vulnerability in the Credential Manager component in SAINT Security Suite 8.0 through 9.8.20 could allow arbitrary script to run in the context of a logged-in user when the user clicks on a specially crafted link.

 


Copyright 2021, cxsecurity.com

 

Back to Top