Skip to main content
CVE-2019-19679 MEDIUM POC This Month

In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the Pre-Condition Summary entry point via the summary field of a Create Pre-Condition action. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Atlassian Xray Test Mangaement
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2019-19678 MEDIUM POC This Month

In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the generic field entry point via the Generic Test Definition field of a new Generic Test. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Atlassian Xray Test Mangaement
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2019-19682 MEDIUM POC This Month

nopCommerce through 4.20 allows XSS in the SaveStoreMappings of the components \Presentation\Nop.Web\Areas\Admin\Controllers\NewsController.cs and. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Nopcommerce
NVD GitHub
CVSS 3.1
4.8
EPSS
0.6%
CVE-2019-18380 MEDIUM This Month

Symantec Industrial Control System Protection (ICSP), versions 6.x.x, may be susceptible to an unauthorized access issue that could potentially allow a threat actor to create or modify application. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Industrial Control System Protection
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2019-19645 MEDIUM PATCH This Month

alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Sqlite Cloud Backup Ontap Select Deploy Administration Utility Mysql Workbench +2
NVD GitHub
CVSS 3.1
5.5
EPSS
0.6%
CVE-2019-4611 MEDIUM PATCH This Month

IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Planning Analytics
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2019-4428 MEDIUM PATCH This Month

IBM Watson Assistant for IBM Cloud Pak for Data 1.0.0 through 1.3.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Watson Assistant For Ibm Cloud Pak For Data
NVD
CVSS 3.1
5.4
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy