Skip to main content

Enterprise Security Api

4 CVEs product

Monthly

CVE-2022-24891 Maven MEDIUM POC PATCH This Month

ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Enterprise Security Api Weblogic Server Active Iq Unified Manager Oncommand Workflow Automation
NVD GitHub
CVSS 3.1
6.1
EPSS
1.6%
CVE-2022-23457 Maven CRITICAL POC PATCH Act Now

ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Enterprise Security Api Weblogic Server Active Iq Unified Manager Oncommand Workflow Automation
NVD GitHub
CVSS 3.1
9.8
EPSS
2.8%
CVE-2013-5960 Maven MEDIUM POC PATCH This Month

The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0.1 does not properly resist tampering with. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Public exploit code available.

Java Authentication Bypass Enterprise Security Api
NVD GitHub
CVSS 2.0
5.8
EPSS
0.2%
CVE-2013-5679 Maven LOW POC PATCH Monitor

The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0 does not properly resist tampering with. Rated low severity (CVSS 2.6). Public exploit code available.

Java Authentication Bypass Enterprise Security Api
NVD
CVSS 2.0
2.6
EPSS
0.1%
EPSS 2% CVSS 6.1
MEDIUM POC PATCH This Month

ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Enterprise Security Api Weblogic Server +2
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC PATCH Act Now

ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Enterprise Security Api Weblogic Server +2
NVD GitHub
EPSS 0% CVSS 5.8
MEDIUM POC PATCH This Month

The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0.1 does not properly resist tampering with. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Public exploit code available.

Java Authentication Bypass Enterprise Security Api
NVD GitHub
EPSS 0% CVSS 2.6
LOW POC PATCH Monitor

The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0 does not properly resist tampering with. Rated low severity (CVSS 2.6). Public exploit code available.

Java Authentication Bypass Enterprise Security Api
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy