Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.1
CVSSv3

CVE-2020-27182

Published: 27/10/2020 Updated: 27/10/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Konzept-ix

Vulnerability Summary

Multiple cross-site scripting (XSS) vulnerabilities in konzept-ix publiXone prior to 2020.015 allow remote malicious users to inject arbitrary JavaScript or HTML via appletError.jsp, job_jacket_detail.jsp, ixedit/editor_component.jsp, or the login form.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

konzept-ix publixone

Mailing Lists

Full Disclosure: SEC Consult SA-20201023-0 :: Multiple Vulnerabilities in PubliXone
<!--X-Body-Begin--> <!--X-User-Header--> Full Disclosure mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> SEC Consult SA-20201023-0 :: Multiple Vulnerabilities in PubliXone <!--X-Subject-Header-End--> <!--X-Head-of-Message-- ...

References

CWE-79https://seclists.org/fulldisclosure/2020/Oct/28https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-publixone/https://nvd.nist.govhttp://seclists.org/fulldisclosure/2020/Oct/28
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925CVE-2023-41826LFICVE-2022-22364CVE-2024-2887command injectionremote code executionCVE-2024-34446CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook