Skip to main content

One Reporter

3 CVEs product

Monthly

CVE-2019-14298 MEDIUM POC This Month

Veeam ONE Reporter 9.5.0.3201 allows XSS via a crafted Description(config) field to addDashboard or editDashboard in CommonDataHandlerReadOnly.ashx. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS One Reporter
NVD Exploit-DB
CVSS 3.0
5.4
EPSS
0.7%
CVE-2019-14297 MEDIUM POC This Month

Veeam ONE Reporter 9.5.0.3201 allows XSS via the Add/Edit Widget with a crafted Caption field to setDashboardWidget in CommonDataHandlerReadOnly.ashx. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS One Reporter
NVD Exploit-DB
CVSS 3.0
5.4
EPSS
0.7%
CVE-2019-11569 HIGH POC This Week

Veeam ONE Reporter 9.5.0.3201 allows CSRF. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF One Reporter
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
2.3%
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Veeam ONE Reporter 9.5.0.3201 allows XSS via a crafted Description(config) field to addDashboard or editDashboard in CommonDataHandlerReadOnly.ashx. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS One Reporter
NVD Exploit-DB
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Veeam ONE Reporter 9.5.0.3201 allows XSS via the Add/Edit Widget with a crafted Caption field to setDashboardWidget in CommonDataHandlerReadOnly.ashx. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS One Reporter
NVD Exploit-DB
EPSS 2% CVSS 8.8
HIGH POC This Week

Veeam ONE Reporter 9.5.0.3201 allows CSRF. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF One Reporter
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy