Vulnerabilities > Ericsson > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-11-27 CVE-2020-29145 Cross-site Scripting vulnerability in Ericsson products
In Ericsson BSCS iX R18 Billing & Rating iX R18, ADMX is a web base module in BSCS iX that is vulnerable to stored XSS via the name or description field to a solutionUnitServlet?SuName=UserReferenceDataSU Access Rights Group.
network
low complexity
ericsson CWE-79
5.4
2020-11-27 CVE-2020-29144 Cross-site Scripting vulnerability in Ericsson products
In Ericsson BSCS iX R18 Billing & Rating iX R18, MX is a web base module in BSCS iX that is vulnerable to stored XSS via an Alert Dashboard comment.
network
low complexity
ericsson CWE-79
5.4
2019-03-21 CVE-2019-7417 Cross-site Scripting vulnerability in Ericsson Active Library Explorer 14.3
XSS exists in Ericsson Active Library Explorer (ALEX) 14.3 in multiple parameters in the "/cgi-bin/alexserv" servlet, as demonstrated by the DB, FN, fn, or id parameter.
network
low complexity
ericsson CWE-79
6.1