Skip to main content
CVE-2020-8788 MEDIUM POC This Month

Synaptive Medical ClearCanvas ImageServer 3.0 Alpha allows XSS (and HTML injection) via the Default.aspx UserName parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Clearcanvas
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-8812 MEDIUM POC This Month

Bludit 3.10.0 allows Editor or Author roles to insert malicious JavaScript on the WYSIWYG editor. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Bludit
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-8811 MEDIUM POC This Month

ajax/profile-picture-upload.php in Bludit 3.10.0 allows authenticated users to change other users' profile pictures. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP Bludit
NVD GitHub
CVSS 3.1
4.3
EPSS
0.5%
CVE-2020-1700 MEDIUM This Month

A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Ceph Openshift Container Storage Leap Ubuntu Linux
NVD
CVSS 3.1
6.5
EPSS
2.5%
CVE-2020-1768 MEDIUM This Month

The external frontend system uses numerous background calls to the backend. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
5.4
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy