Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
38 lines (37 sloc) 2.86 KB
[
{
"mainText": "The authentication applet in Watchguard Fireware 11.11 Operating System has reflected XSS (this can also cause an open redirect). This is CVE-2016-6154 published on August 23 2019",
"redirectionUrl": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6154",
"uid": "CVE-2016-6154",
"titleText": "CVE-2016-6154",
"updateDate": "2019-08-23T22:15Z"
},
{
"mainText": "An information exposure vulnerability in FortiOS 6.2.0 and below may allow an unauthenticated attacker to gain platform information such as version, models, via parsing a JavaScript file through admin webUI. This is CVE-2018-13367 published on August 23 2019",
"redirectionUrl": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13367",
"uid": "CVE-2018-13367",
"titleText": "CVE-2018-13367",
"updateDate": "2019-08-23T21:15Z"
},
{
"mainText": "In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this implementation might be cached and re-used by Apache Santuario - XML Security for Java, leading to potential security flaws when validating signed documents, etc. The vulnerability affects Apache Santuario - XML Security for Java 2.0.x releases from 2.0.3 and all 2.1.x releases before 2.1.4. This is CVE-2019-12400 published on August 23 2019",
"redirectionUrl": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12400",
"uid": "CVE-2019-12400",
"titleText": "CVE-2019-12400",
"updateDate": "2019-08-23T21:15Z"
},
{
"mainText": "The webtoffee \"WordPress Users & WooCommerce Customers Import Export\" plugin 1.3.0 for WordPress allows CSV injection in the user_url, display_name, first_name, and last_name columns in an exported CSV file created by the WF_CustomerImpExpCsv_Exporter class. This is CVE-2019-15092 published on August 23 2019",
"redirectionUrl": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15092",
"uid": "CVE-2019-15092",
"titleText": "CVE-2019-15092",
"updateDate": "2019-08-23T21:15Z"
},
{
"mainText": "An Improper Neutralization of Input During Web Page Generation (\"Cross-site Scripting\") in Fortinet FortiNAC 8.3.0 to 8.3.6 and 8.5.0 admin webUI may allow an unauthenticated attacker to perform a reflected XSS attack via the search field in the webUI. This is CVE-2019-5594 published on August 23 2019",
"redirectionUrl": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5594",
"uid": "CVE-2019-5594",
"titleText": "CVE-2019-5594",
"updateDate": "2019-08-23T21:15Z"
}
]
You can’t perform that action at this time.