Vulnerabilities > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2017-08-29	CVE-2017-2257	Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via mail function. network low complexity cybozu CWE-79	6.1
2017-08-29	CVE-2017-2256	Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text" function of the application "Memo". network low complexity cybozu CWE-79	5.4
2017-08-29	CVE-2017-2255	Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Cybozu Garoon 3.7.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text" function of the application "Space". network low complexity cybozu CWE-79	5.4
2017-08-29	CVE-2017-2254	Improper Input Validation vulnerability in Cybozu Garoon Cybozu Garoon 3.5.0 to 4.2.5 allows an attacker to cause a denial of service in the application menu's edit function via specially crafted input network low complexity cybozu CWE-20	4.9
2017-08-29	CVE-2017-1489	Open Redirect vulnerability in IBM products IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. network low complexity ibm CWE-601	6.1
2017-08-29	CVE-2017-1110	Information Exposure vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 contains an unspecified vulnerability that could allow an authenticated user to view the incidents of a higher privileged user. network low complexity ibm CWE-200	6.5
2017-08-29	CVE-2017-10841	Path Traversal vulnerability in Webcalendar Project Webcalendar 1.2.7 Directory traversal vulnerability in WebCalendar 1.2.7 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors. network low complexity webcalendar-project CWE-22	4.9
2017-08-29	CVE-2017-10840	Cross-site Scripting vulnerability in Webcalendar Project Webcalendar 1.2.7 Cross-site scripting vulnerability in WebCalendar 1.2.7 and earlier allows an attacker to inject arbitrary web script or HTML via unspecified vectors. network low complexity webcalendar-project CWE-79	6.1
2017-08-29	CVE-2017-10838	Cross-site Scripting vulnerability in Seopanel SEO Panel Cross-site scripting vulnerability in SEO Panel prior to version 3.11.0 allows an attacker to inject arbitrary web script or HTML via unspecified vectors. network low complexity seopanel CWE-79	6.1
2017-08-29	CVE-2017-10837	Cross-site Scripting vulnerability in Backup-Guard Backup Guard Cross-site scripting vulnerability in BackupGuard prior to version 1.1.47 allows an attacker to inject arbitrary web script or HTML via unspecified vectors. network low complexity backup-guard CWE-79	6.1

Vulnerabilities > Medium {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Medium"}]}

Vulnerabilities > Medium