Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-15 | CVE-2015-3271 | Information Exposure vulnerability in Apache Tika 1.9 Apache Tika server (aka tika-server) in Apache Tika 1.9 might allow remote attackers to read arbitrary files via the HTTP fileUrl header. | 5.3 |
| 2016-12-15 | CVE-2016-7891 | Cross-site Scripting vulnerability in Adobe Robohelp Adobe RoboHelp version 2015.0.3 and earlier, RoboHelp 11 and earlier have an input validation issue that could be used in cross-site scripting attacks. | 6.1 |
| 2016-12-15 | CVE-2016-7888 | Information Exposure vulnerability in Adobe Digital Editions Adobe Digital Editions versions 4.5.2 and earlier has an important vulnerability that could lead to memory address leak. | 5.3 |
| 2016-12-15 | CVE-2016-7884 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.1 and earlier have an input validation issue in the DAM create assets that could be used in cross-site scripting attacks. | 6.1 |
| 2016-12-15 | CVE-2016-7883 | Cross-site Scripting vulnerability in Adobe Experience Manager 6.2.0 Adobe Experience Manager version 6.2 has an input validation issue in create Launch wizard that could be used in cross-site scripting attacks. | 6.1 |
| 2016-12-15 | CVE-2016-7882 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.2 and earlier have an input validation issue in the WCMDebug filter that could be used in cross-site scripting attacks. | 6.1 |
| 2016-12-15 | CVE-2016-6934 | Cross-site Scripting vulnerability in Adobe Experience Manager Forms and Livecycle Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an input validation issue in the PMAdmin module that could be used in cross-site scripting attacks. | 6.1 |
| 2016-12-15 | CVE-2016-6933 | Cross-site Scripting vulnerability in Adobe Experience Manager and Livecycle Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an input validation issue in the AACComponent that could be used in cross-site scripting attacks. | 6.1 |
| 2016-12-15 | CVE-2016-6854 | Cross-site Scripting vulnerability in Open-Xchange OX Guard 2.4.2 An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. | 6.1 |
| 2016-12-15 | CVE-2016-6853 | Cross-site Scripting vulnerability in Open-Xchange OX Guard 2.4.2 An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. | 6.1 |