Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-02-10 CVE-2017-5945 Cross-site Scripting vulnerability in Poodll Moodle-Filter Poodll
An issue was discovered in the PoodLL Filter plugin through 3.0.20 for Moodle.
network
low complexity
poodll CWE-79
6.1
6.1
2017-02-10 CVE-2017-5942 Cross-site Scripting vulnerability in WP Mail Project WP Mail 1.1
An issue was discovered in the WP Mail plugin before 1.2 for WordPress.
network
low complexity
wp-mail-project CWE-79
6.1
6.1
2017-02-10 CVE-2016-10216 Cross-site Scripting vulnerability in Sivann IT Items Database
An issue was discovered in IT ITems DataBase (ITDB) through 1.23.
network
low complexity
sivann CWE-79
6.1
6.1
2017-02-10 CVE-2016-10215 Cross-site Scripting vulnerability in Fastspot Bigtree-Form-Builder 1.0/1.0.1/1.1
An issue was discovered in Fastspot BigTree bigtree-form-builder before 1.2.
network
low complexity
fastspot CWE-79
6.1
6.1
2017-02-09 CVE-2017-5858 Origin Validation Error vulnerability in Conversejs Converse.Js
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.
network
high complexity
conversejs CWE-346
5.9
5.9
2017-02-09 CVE-2017-5606 Origin Validation Error vulnerability in Xabber
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.
network
high complexity
xabber CWE-346
5.9
5.9
2017-02-09 CVE-2017-5605 Origin Validation Error vulnerability in Movim
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.
network
high complexity
movim CWE-346
5.9
5.9
2017-02-09 CVE-2017-5604 Origin Validation Error vulnerability in Mcabber
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.
network
high complexity
mcabber CWE-346
5.9
5.9
2017-02-09 CVE-2017-5603 Origin Validation Error vulnerability in Jitsi 2.5.5061/2.9.5544
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.
network
high complexity
jitsi CWE-346
5.9
5.9
2017-02-09 CVE-2017-5602 Origin Validation Error vulnerability in Jappix Project Jappix
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.
network
high complexity
jappix-project CWE-346
5.9
5.9