Vulnerabilities > Avaya > Aura Experience Portal > 7.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-24 | CVE-2021-25655 | Open Redirect vulnerability in Avaya Aura Experience Portal 7.1/8.0.0 A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack. | 6.1 |
| 2021-06-24 | CVE-2021-25656 | Cross-site Scripting vulnerability in Avaya Aura Experience Portal 7.1/8.0.0 Stored XSS injection vulnerabilities were discovered in the Avaya Aura Experience Portal Web management which could allow an authenticated user to potentially disclose sensitive information. | 5.4 |
| 2019-11-15 | CVE-2016-5285 | NULL Pointer Dereference vulnerability in multiple products A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service. | 7.5 |