Vulnerabilities > Alienvault > Unified Security Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-09-26 | CVE-2016-6913 | Cross-site Scripting vulnerability in Alienvault products Cross-site scripting (XSS) vulnerability in AlienVault OSSIM before 5.3 and USM before 5.3 allows remote attackers to inject arbitrary web script or HTML via the back parameter to ossim/conf/reload.php. | 3.5 |
| 2015-05-01 | CVE-2015-3446 | Code Injection vulnerability in Alienvault Unified Security Management 4.14 The Framework Daemon in AlienVault Unified Security Management before 4.15 allows remote attackers to execute arbitrary Python code via a crafted plugin configuration file (.cfg). | 9.3 |