Skip to main content

Pattern Insight

5 CVEs product

Monthly

CVE-2012-4950 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Keyword Search page in the web interface in Pattern Insight 2.3 allows remote attackers to inject arbitrary web script or HTML via crafted characters. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Pattern Insight
NVD
CVSS 2.0
4.3
EPSS
2.9%
CVE-2012-4938 LOW Monitor

Cross-site scripting (XSS) vulnerability in the web interface in Pattern Insight 2.3 allows remote authenticated administrators to inject arbitrary web script or HTML via the banner message. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

XSS Pattern Insight
NVD
CVSS 2.0
3.5
EPSS
1.3%
CVE-2012-4937 MEDIUM This Month

Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsession_id cookie. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Pattern Insight
NVD
CVSS 2.0
6.8
EPSS
0.9%
CVE-2012-4936 MEDIUM This Month

The web interface in Pattern Insight 2.3 allows remote attackers to conduct clickjacking attacks via a FRAME element. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Pattern Insight
NVD
CVSS 2.0
6.8
EPSS
1.9%
CVE-2012-4935 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack the authentication of arbitrary users. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Pattern Insight
NVD
CVSS 2.0
6.8
EPSS
0.2%
EPSS 3% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Keyword Search page in the web interface in Pattern Insight 2.3 allows remote attackers to inject arbitrary web script or HTML via crafted characters. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Pattern Insight
NVD
EPSS 1% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in the web interface in Pattern Insight 2.3 allows remote authenticated administrators to inject arbitrary web script or HTML via the banner message. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

XSS Pattern Insight
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsession_id cookie. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Pattern Insight
NVD
EPSS 2% CVSS 6.8
MEDIUM This Month

The web interface in Pattern Insight 2.3 allows remote attackers to conduct clickjacking attacks via a FRAME element. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Pattern Insight
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack the authentication of arbitrary users. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Pattern Insight
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy