Vulnerabilities > External Control of Critical State Data
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-10-05 | CVE-2018-15382 | External Control of Critical State Data vulnerability in Cisco Hyperflex HX Data Platform 3.0(1A) A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to generate valid, signed session tokens. | 8.6 |
2018-06-04 | CVE-2017-0928 | External Control of Critical State Data vulnerability in Theguardian Html-Janitor 2.0.2 html-janitor node module suffers from an External Control of Critical State Data vulnerability via user-control of the '_sanitized' variable causing sanitization to be bypassed. | 6.1 |