Vulnerabilities > Netscout > Ngeniusone > 6.3.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-30 | CVE-2021-35200 | Cross-site Scripting vulnerability in Netscout Ngeniusone 6.3.0 NETSCOUT nGeniusONE 6.3.0 build 1196 allows high-privileged users to achieve Stored Cross-Site Scripting (XSS) in FDSQueryService. | 3.5 |
| 2021-09-30 | CVE-2021-35201 | XXE vulnerability in Netscout Ngeniusone 6.3.0 NEI in NETSCOUT nGeniusONE 6.3.0 build 1196 allows XML External Entity (XXE) attacks. | 4.3 |
| 2021-09-30 | CVE-2021-35202 | Incorrect Permission Assignment for Critical Resource vulnerability in Netscout Ngeniusone 6.3.0 NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Authorization Bypass (to access an endpoint) in FDSQueryService. | 4.3 |
| 2021-09-30 | CVE-2021-35203 | Files or Directories Accessible to External Parties vulnerability in Netscout Ngeniusone 6.3.0 NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Arbitrary File Read operations via the FDSQueryService endpoint. | 3.5 |
| 2021-09-30 | CVE-2021-35204 | Cross-site Scripting vulnerability in Netscout Ngeniusone 6.3.0 NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Reflected Cross-Site Scripting (XSS) in the support endpoint. | 3.5 |
| 2021-09-30 | CVE-2021-35205 | Open Redirect vulnerability in Netscout Ngeniusone 6.3.0 NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows URL redirection in redirector. | 4.9 |