CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 3 and 3.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1451 CVE-2020-5825 269 2020-02-11 2020-02-13
3.6
None Local Low Not required None Partial Partial
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges.
1452 CVE-2020-5810 79 XSS 2020-12-30 2021-01-04
3.5
None Remote Medium ??? None Partial None
A stored XSS vulnerability exists in Umbraco CMS <= 8.9.1 or current. An authenticated user authorized to upload media can upload a malicious .svg file which act as a stored XSS payload.
1453 CVE-2020-5809 79 XSS 2020-12-30 2021-01-04
3.5
None Remote Medium ??? None Partial None
A stored XSS vulnerability exists in Umbraco CMS <= 8.9.1 or current. An authenticated user can inject arbitrary JavaScript code into iframes when editing content using the TinyMCE rich-text editor, as TinyMCE is configured to allow iframes by default in Umbraco CMS.
1454 CVE-2020-5797 59 2020-11-21 2020-12-03
3.6
None Local Low Not required Partial Partial None
UNIX Symbolic Link (Symlink) Following in TP-Link Archer C9(US)_V1_180125 firmware allows an unauthenticated actor, with physical access and network access, to read sensitive files and write to a limited set of files after plugging a crafted USB drive into the router.
1455 CVE-2020-5774 613 2020-08-21 2020-08-28
3.6
None Local Low Not required Partial Partial None
Nessus versions 8.11.0 and earlier were found to maintain sessions longer than the permitted period in certain scenarios. The lack of proper session expiration could allow attackers with local access to login into an existing browser session.
1456 CVE-2020-5769 79 XSS 2020-07-17 2020-07-22
3.5
None Remote Medium ??? None Partial None
Insufficient output sanitization in Teltonika firmware TRB2_R_00.02.02 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by injecting malicious client-side code into the 'URL/ Host / Connection' form in the 'DATA TO SERVER' configuration section.
1457 CVE-2020-5765 79 Exec Code XSS 2020-07-15 2020-07-20
3.5
None Remote Medium ??? None Partial None
Nessus 8.10.0 and earlier were found to contain a Stored XSS vulnerability due to improper validation of input during scan configuration. An authenticated, remote attacker could potentially exploit this vulnerability to execute arbitrary code in a user's session. Tenable has implemented additional input validation mechanisms to correct this issue in Nessus 8.11.0.
1458 CVE-2020-5751 79 XSS 2020-05-07 2020-05-11
3.5
None Remote Medium ??? None Partial None
Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted operator.
1459 CVE-2020-5749 79 XSS 2020-05-07 2020-05-11
3.5
None Remote Medium ??? None Partial None
Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted group.
1460 CVE-2020-5747 79 XSS 2020-05-07 2020-05-11
3.5
None Remote Medium ??? None Partial None
Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted test.
1461 CVE-2020-5746 79 XSS 2020-05-07 2020-05-11
3.5
None Remote Medium ??? None Partial None
Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted test.
1462 CVE-2020-5737 79 Exec Code XSS 2020-04-17 2020-04-23
3.5
None Remote Medium ??? None Partial None
Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a request to execute arbitrary script code in a user's browser session. Updated input validation techniques have been implemented to correct this issue.
1463 CVE-2020-5665 755 2020-12-14 2020-12-15
3.3
None Local Network Low Not required None None Partial
Improper check or handling of exceptional conditions in MELSEC iQ-F series FX5U(C) CPU unit firmware version 1.060 and earlier allows an attacker to cause a denial-of-service (DoS) condition on program execution and communication by sending a specially crafted ARP packet.
1464 CVE-2020-5662 79 XSS 2020-11-16 2020-11-20
3.5
None Remote Medium ??? None Partial None
Reflected cross-site scripting vulnerability in XooNIps 3.49 and earlier allows remote authenticated attackers to inject arbitrary script via unspecified vectors.
1465 CVE-2020-5657 88 2020-11-02 2020-11-10
3.3
None Local Network Low Not required None None Partial
Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 High Speed Data Logger Module First 2 digits of serial number are '08' or before, RD81MES96N MES Interface Module First 2 digits of serial number are '04' or before, and RD81OPC96 OPC UA Server Module First 2 digits of serial number are '04' or before) allows unauthenticated attackers on adjacent network to stop the network functions of the products via a specially crafted packet.
1466 CVE-2020-5620 79 XSS 2020-08-25 2020-08-25
3.5
None Remote Medium ??? None Partial None
Cross-site scripting vulnerability in Exment prior to v3.6.0 allows remote authenticated attackers to inject arbitrary script or HTML via a specially crafted file.
1467 CVE-2020-5619 79 XSS 2020-08-25 2020-08-26
3.5
None Remote Medium ??? None Partial None
Cross-site scripting vulnerability in Exment prior to v3.6.0 allows remote authenticated attackers to inject arbitrary script or HTML via unspecified vectors.
1468 CVE-2020-5586 79 XSS 2020-06-30 2020-07-02
3.5
None Remote Medium ??? None Partial None
Cross-site scripting vulnerability in Cybozu Garoon 4.10.3 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors.
1469 CVE-2020-5585 79 XSS 2020-06-30 2020-07-02
3.5
None Remote Medium ??? None Partial None
Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors.
1470 CVE-2020-5570 79 XSS 2020-04-28 2020-05-01
3.5
None Remote Medium ??? None Partial None
Cross-site scripting vulnerability in Sales Force Assistant version 11.2.48 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
1471 CVE-2020-5421 Bypass 2020-09-19 2021-05-13
3.6
None Remote High ??? Partial Partial None
In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter.
1472 CVE-2020-5346 79 Exec Code XSS 2020-04-15 2020-08-31
3.5
None Remote Medium ??? None Partial None
RSA Authentication Manager versions prior to 8.4 P11 contain a stored cross-site scripting vulnerability in the Security Console. A malicious RSA Authentication Manager Security Console administrator with advanced privileges could exploit this vulnerability to store arbitrary HTML or JavaScript code through the Security Console web interface. When other Security Console administrators open the affected page, the injected scripts could potentially be executed in their browser.
1473 CVE-2020-5340 79 Exec Code XSS 2020-03-26 2020-08-31
3.5
None Remote Medium ??? None Partial None
RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console. A malicious RSA Authentication Manager Security Console administrator with advanced privileges could exploit this vulnerability to store arbitrary HTML or JavaScript code through the Security Console web interface. When other Security Console administrators attempt to change the default security domain mapping, the injected scripts could potentially be executed in their browser.
1474 CVE-2020-5339 79 Exec Code XSS 2020-03-26 2020-08-31
3.5
None Remote Medium ??? None Partial None
RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console. A malicious RSA Authentication Manager Security Console administrator with advanced privileges could exploit this vulnerability to store arbitrary HTML or JavaScript code through the Security Console web interface. When other Security Console administrators open the affected report page, the injected scripts could potentially be executed in their browser.
1475 CVE-2020-5317 79 Exec Code XSS 2020-02-06 2020-02-12
3.5
None Remote Medium ??? None Partial None
Dell EMC ECS versions prior to 3.4.0.1 contain an XSS vulnerability. A remote authenticated malicious user could exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When victim users access the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application.
1476 CVE-2020-5306 79 XSS 2020-01-05 2020-09-18
3.5
None Remote Medium ??? None Partial None
Codoforum 4.8.3 allows XSS via a post using parameters display name, title name, or content.
1477 CVE-2020-5305 79 XSS 2020-01-05 2020-01-08
3.5
None Remote Medium ??? None Partial None
Codoforum 4.8.3 allows XSS in the admin dashboard via a name field of a new user, i.e., on the Manage Users screen.
1478 CVE-2020-5301 200 +Info 2020-04-21 2020-04-29
3.5
None Remote Medium ??? Partial None None
SimpleSAMLphp versions before 1.18.6 contain an information disclosure vulnerability. The module controller in `SimpleSAML\Module` that processes requests for pages hosted by modules, has code to identify paths ending with `.php` and process those as PHP code. If no other suitable way of handling the given path exists it presents the file to the browser. The check to identify paths ending with `.php` does not account for uppercase letters. If someone requests a path ending with e.g. `.PHP` and the server is serving the code from a case-insensitive file system, such as on Windows, the processing of the PHP code does not occur, and the source code is instead presented to the browser. An attacker may use this issue to gain access to the source code in third-party modules that is meant to be private, or even sensitive. However, the attack surface is considered small, as the attack will only work when SimpleSAMLphp serves such content from a file system that is not case-sensitive, such as on Windows. This issue is fixed in version 1.18.6.
1479 CVE-2020-5300 294 2020-04-06 2020-04-07
3.5
None Remote Medium ??? Partial None None
In Hydra (an OAuth2 Server and OpenID Certified™ OpenID Connect Provider written in Go), before version 1.4.0+oryOS.17, when using client authentication method 'private_key_jwt' [1], OpenId specification says the following about assertion `jti`: "A unique identifier for the token, which can be used to prevent reuse of the token. These tokens MUST only be used once, unless conditions for reuse were negotiated between the parties". Hydra does not check the uniqueness of this `jti` value. Exploiting this vulnerability is somewhat difficult because: - TLS protects against MITM which makes it difficult to intercept valid tokens for replay attacks - The expiry time of the JWT gives only a short window of opportunity where it could be replayed This has been patched in version v1.4.0+oryOS.17
1480 CVE-2020-5298 87 XSS 2020-06-03 2020-08-04
3.5
None Remote Medium ??? None Partial None
In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, a user with the ability to use the import functionality of the `ImportExportController` behavior can be socially engineered by an attacker to upload a maliciously crafted CSV file which could result in a reflected XSS attack on the user in question Issue has been patched in Build 466 (v1.0.466).
1481 CVE-2020-5294 79 XSS 2020-04-16 2020-04-22
3.5
None Remote Medium ??? None Partial None
PrestaShop module ps_facetedsearch versions before 2.1.0 has a reflected XSS with social networks fields The problem is fixed in 2.1.0
1482 CVE-2020-5277 79 XSS 2020-03-25 2020-03-27
3.5
None Remote Medium ??? None Partial None
PrestaShop module ps_facetedsearch versions before 3.5.0 has a reflected XSS with `url_name` parameter. The problem is fixed in 3.5.0
1483 CVE-2020-5273 79 XSS 2020-04-16 2020-04-22
3.5
None Remote Medium ??? None Partial None
In PrestaShop module ps_linklist versions before 3.1.0, there is a stored XSS when using custom URLs. The problem is fixed in version 3.1.0
1484 CVE-2020-5267 80 XSS 2020-03-19 2020-10-05
3.5
None Remote Medium ??? None Partial None
In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the `j` or `escape_javascript` methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2.
1485 CVE-2020-5266 79 XSS 2020-04-16 2020-04-22
3.5
None Remote Medium ??? None Partial None
In the ps_link module for PrestaShop before version 3.1.0, there is a stored XSS when you create or edit a link list block with the title field. The problem is fixed in 3.1.0
1486 CVE-2020-5241 79 XSS 2020-02-13 2020-02-18
3.5
None Remote Medium ??? None Partial None
matestack-ui-core (RubyGem) before 0.7.4 is vulnerable to XSS/Script injection. This vulnerability is patched in version 0.7.4.
1487 CVE-2020-5226 79 XSS 2020-01-24 2020-01-30
3.5
None Remote Medium ??? None Partial None
Cross-site scripting in SimpleSAMLphp before version 1.18.4. The www/erroreport.php script allows error reports to be submitted and sent to the system administrator. Starting with SimpleSAMLphp 1.18.0, a new SimpleSAML\Utils\EMail class was introduced to handle sending emails, implemented as a wrapper of an external dependency. This new wrapper allows us to use Twig templates in order to create the email sent with an error report. Since Twig provides automatic escaping of variables, manual escaping of the free-text field in www/errorreport.php was removed to avoid double escaping. However, for those not using the new user interface yet, an email template is hardcoded into the class itself in plain PHP. Since no escaping is provided in this template, it is then possible to inject HTML inside the template by manually crafting the contents of the free-text field.
1488 CVE-2020-5197 863 2020-01-13 2020-01-21
3.5
None Remote Medium ??? Partial None None
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through 12.6.1. It has Incorrect Access Control.
1489 CVE-2020-5186 79 XSS 2020-02-24 2020-02-24
3.5
None Remote Medium ??? None Partial None
DNN (formerly DotNetNuke) through 9.4.4 allows XSS (issue 1 of 2).
1490 CVE-2020-5032 DoS 2021-02-04 2021-02-04
3.3
None Local Network Low Not required None None Partial
IBM QRadar SIEM 7.3 and 7.4 in some configurations may be vulnerable to a temporary denial of service attack when sent particular payloads. IBM X-Force ID: 194178.
1491 CVE-2020-5030 79 XSS 2021-06-02 2021-06-07
3.5
None Remote Medium ??? None Partial None
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 193737.
1492 CVE-2020-5021 384 2021-01-08 2021-01-11
3.6
None Local Low Not required Partial Partial None
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 does not invalidate session after a password reset which could allow a local user to impersonate another user on the system. IBM X-Force ID: 193657.
1493 CVE-2020-5016 22 Dir. Trav. 2021-03-10 2021-03-17
3.5
None Remote Medium ??? Partial None None
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. When application security is disabled and JAX-RPC applications are present, an attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary xml files on the system. This does not occur if Application security is enabled. IBM X-Force ID: 193556.
1494 CVE-2020-4997 79 XSS 2021-04-05 2021-04-08
3.5
None Remote Medium ??? None Partial None
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 192914
1495 CVE-2020-4987 79 XSS 2021-05-04 2021-05-14
3.5
None Remote Medium ??? None Partial None
The IBM FlashSystem 900 user management GUI is vulnerable to stored cross-site scripting in code versions 1.5.2.8 and prior and 1.6.1.2 and prior. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
1496 CVE-2020-4981 269 2021-04-27 2021-05-03
3.6
None Local Low Not required None Partial Partial
IBM Spectrum Scale 5.0.4.1 through 5.1.0.3 could allow a local privileged user to overwrite files due to improper input validation. IBM X-Force ID: 192541.
1497 CVE-2020-4977 79 XSS 2021-06-02 2021-06-07
3.5
None Remote Medium ??? None Partial None
IBM Engineering Lifecycle Optimization - Publishing is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 192470.
1498 CVE-2020-4976 276 2021-03-11 2021-04-12
3.6
None Local Low Not required Partial Partial None
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to read and write specific files due to weak file permissions. IBM X-Force ID: 192469.
1499 CVE-2020-4975 79 XSS 2021-03-04 2021-03-10
3.5
None Remote Medium ??? None Partial None
IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 192435.
1500 CVE-2020-4968 327 2021-01-21 2021-01-28
3.3
None Local Network Low Not required Partial None None
IBM Security Identity Governance and Intelligence 5.2.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 192427.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.