Vulnerabilities > Avaya > Aura Experience Portal > 7.1

DATE CVE VULNERABILITY TITLE RISK
2021-06-24 CVE-2021-25655 Open Redirect vulnerability in Avaya Aura Experience Portal 7.1/8.0.0
A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack.
network
low complexity
avaya CWE-601
6.1
2021-06-24 CVE-2021-25656 Cross-site Scripting vulnerability in Avaya Aura Experience Portal 7.1/8.0.0
Stored XSS injection vulnerabilities were discovered in the Avaya Aura Experience Portal Web management which could allow an authenticated user to potentially disclose sensitive information.
network
low complexity
avaya CWE-79
5.4
2019-11-15 CVE-2016-5285 NULL Pointer Dereference vulnerability in multiple products
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.
network
low complexity
mozilla debian redhat suse avaya CWE-476
7.5