Vulnerabilities > Alienvault > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-18 | CVE-2017-14956 | Cross-Site Request Forgery (CSRF) vulnerability in Alienvault Unified Security Management 4.14 AlienVault USM v5.4.2 and earlier offers authenticated users the functionality of exporting generated reports via the "/ossim/report/wizard_email.php" script. | 3.5 |
| 2016-09-26 | CVE-2016-6913 | Cross-site Scripting vulnerability in Alienvault products Cross-site scripting (XSS) vulnerability in AlienVault OSSIM before 5.3 and USM before 5.3 allows remote attackers to inject arbitrary web script or HTML via the back parameter to ossim/conf/reload.php. | 3.5 |