Vulnerabilities > IPA
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-05-22 | CVE-2017-2173 | Cross-site Scripting vulnerability in IPA Empirical Project Monitor - Extended Cross-site scripting vulnerability in Empirical Project Monitor - eXtended all versions allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
2017-04-28 | CVE-2017-2102 | Cross-Site Request Forgery (CSRF) vulnerability in IPA Appgoat 3.0.0 Cross-site request forgery (CSRF) vulnerability in Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
2017-04-28 | CVE-2017-2101 | Improper Authentication vulnerability in IPA Appgoat 3.0.0 Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and earlier allows remote attackers to bypass authentication to perform arbitrary operations via unspecified vectors. | 7.3 |
2017-04-28 | CVE-2017-2100 | Improper Input Validation vulnerability in IPA Appgoat 3.0.0/3.0.1 Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.1 and earlier allows remote attackers to conduct DNS rebinding attacks via unspecified vectors. | 6.3 |
2017-04-28 | CVE-2017-2099 | Unspecified vulnerability in IPA Appgoat 3.0.0 Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and earlier allows remote code execution via unspecified vectors. | 6.3 |