Vulnerabilities > Rapid7

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2017-03-02 | CVE-2017-5228 | Path Traversal vulnerability in Rapid7 Metasploit 4.13.0/4.13.1/4.13.19 | All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal vulnerability in the Meterpreter stdapi Dir.download() function. | network, high complexity, rapid7, CWE-22, 5.1 |
| 2016-12-20 | CVE-2016-9757 | Cross-site Scripting vulnerability in Rapid7 Nexpose 6.4.12 | In the Create Tags page of the Rapid7 Nexpose version 6.4.12 user interface, any authenticated user who has the capability to create tags can inject cross-site scripting (XSS) elements in the tag name field. | network, rapid7, CWE-79, 3.5 |
| 2014-02-04 | CVE-2012-6493 | Cross-Site Request Forgery (CSRF) vulnerability in Rapid7 Nexpose | Cross-site request forgery (CSRF) vulnerability in Rapid7 Nexpose Security Console before 5.5.4 allows remote attackers to hijack the authentication of unspecified victims for requests that delete scan data and sites via a request to data/site/delete. | network, rapid7, CWE-352, 6.8 |