Vulnerabilities > Microfocus > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-26 | CVE-2019-18946 | Session Fixation vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation. | 4.8 |
| 2021-02-26 | CVE-2019-18944 | Cross-site Scripting vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to reflected XSS. | 4.8 |
| 2021-02-26 | CVE-2019-18942 | Cross-site Scripting vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to stored XSS. | 4.8 |
| 2021-02-06 | CVE-2021-22500 | Cross-Site Request Forgery (CSRF) vulnerability in Microfocus Application Performance Management 9.40/9.50/9.51 Cross Site Request Forgery vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. | 6.5 |
| 2021-02-06 | CVE-2021-22499 | Cross-site Scripting vulnerability in Microfocus Application Performance Management 9.40/9.50/9.51 Persistent Cross-Site scripting vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. | 4.8 |
| 2020-12-11 | CVE-2020-25838 | Unspecified vulnerability in Microfocus Filr Unauthorized disclosure of sensitive information vulnerability in Micro Focus Filr product. | 6.5 |
| 2020-11-17 | CVE-2020-25833 | Cross-site Scripting vulnerability in Microfocus Idol Persistent cross-Site Scripting vulnerability on Micro Focus IDOL product, affecting all version prior to version 12.7. | 4.8 |
| 2020-11-17 | CVE-2020-25832 | Cross-site Scripting vulnerability in Microfocus Filr 4.2.1 Reflected Cross Site scripting vulnerability on Micro Focus Filr product, affecting version 4.2.1. | 5.4 |
| 2020-11-17 | CVE-2020-25834 | Cross-site Scripting vulnerability in Microfocus Arcsight Logger 6.61/7.0/7.0.1 Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1. | 5.4 |
| 2020-11-17 | CVE-2020-11860 | Cross-site Scripting vulnerability in Microfocus Arcsight Logger 6.61/7.0/7.0.1 Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. | 6.1 |