Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
field service vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-8720
ServiceNow ITSM 2016-06-02 has XSS via the First Name or Last Name field of My Profile (aka navpage.do), or the Search bar of My Portal (aka search_results.do).
Servicenow It Service Management -
4.8
CVSSv3
CVE-2021-43943
Affected versions of Atlassian Jira Service Management Server and Data Center allow attackers with administrator privileges to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the "Object Schema" field of /secure/admin/InsightDefault...
Atlassian Jira Service Management
6.5
CVSSv3
CVE-2019-1721
A vulnerability in the phone book feature of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote malicious user to cause the CPU to increase to 100% utilization, causing a denial of service (DoS) condition on an aff...
Cisco Telepresence Video Communication Server
NA
CVE-2012-5782
Amazon Flexible Payments Service (FPS) PHP Library does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an ar...
Amazon Flexible Payments Service -
6.5
CVSSv3
CVE-2023-25822
ReportPortal is an AI-powered test automation platform. Prior to version 5.10.0 of the `com.epam.reportportal:service-api` module, corresponding to ReportPortal version 23.2, the ReportPortal database becomes unstable and reporting almost fully stops except for small launches wit...
Reportportal Service-api
Reportportal Reportportal
5.4
CVSSv3
CVE-2022-26088
An issue exists in BMC Remedy prior to 22.1. Email-based Incident Forwarding allows remote authenticated users to inject HTML (such as an SSRF payload) into the Activity Log by placing it in the To: field. This affects rendering that occurs upon a click in the "number of rec...
Bmc Remedy It Service Management Suite 20.02
5.4
CVSSv3
CVE-2023-48517
Adobe Experience Manager versions 6.5.18 and previous versions are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged malicious user to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed i...
Adobe Experience Manager
Adobe Experience Manager Cloud Service
5.4
CVSSv3
CVE-2023-48546
Adobe Experience Manager versions 6.5.18 and previous versions are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged malicious user to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed i...
Adobe Experience Manager
Adobe Experience Manager Cloud Service
5.4
CVSSv3
CVE-2023-48547
Adobe Experience Manager versions 6.5.18 and previous versions are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged malicious user to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed i...
Adobe Experience Manager
Adobe Experience Manager Cloud Service
5.4
CVSSv3
CVE-2023-48444
Adobe Experience Manager versions 6.5.18 and previous versions are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged malicious user to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed i...
Adobe Experience Manager
Adobe Experience Manager Cloud Service
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »