Vulnerabilities > IPA

DATE CVE VULNERABILITY TITLE RISK
2017-05-22 CVE-2017-2173 Cross-site Scripting vulnerability in IPA Empirical Project Monitor - Extended
Cross-site scripting vulnerability in Empirical Project Monitor - eXtended all versions allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
ipa CWE-79
5.4
2017-04-28 CVE-2017-2102 Cross-Site Request Forgery (CSRF) vulnerability in IPA Appgoat 3.0.0
Cross-site request forgery (CSRF) vulnerability in Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
network
low complexity
ipa CWE-352
8.8
2017-04-28 CVE-2017-2101 Improper Authentication vulnerability in IPA Appgoat 3.0.0
Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and earlier allows remote attackers to bypass authentication to perform arbitrary operations via unspecified vectors.
network
low complexity
ipa CWE-287
7.3
2017-04-28 CVE-2017-2100 Improper Input Validation vulnerability in IPA Appgoat 3.0.0/3.0.1
Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.1 and earlier allows remote attackers to conduct DNS rebinding attacks via unspecified vectors.
network
low complexity
ipa CWE-20
6.3
2017-04-28 CVE-2017-2099 Unspecified vulnerability in IPA Appgoat 3.0.0
Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and earlier allows remote code execution via unspecified vectors.
network
low complexity
ipa
6.3