Vulnerabilities > RSA > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-03-24 | CVE-2008-1470 | Cross-Site Scripting vulnerability in RSA Webid 5.3 Incomplete blacklist vulnerability in IISWebAgentIF.dll in the WebID RSA Authentication Agent 5.3, and possibly earlier, allows remote attackers to conduct cross-site scripting (XSS) attacks via the postdata parameter, due to an incomplete fix for CVE-2005-1118. | 4.3 |
| 2007-10-29 | CVE-2007-5703 | Cross-Site Scripting vulnerability in RSA Keon Registration Authority web Interface 1.0 Multiple cross-site scripting (XSS) vulnerabilities in (1) Request-spk.xuda and (2) Add-msie-request.xuda in RSA KEON Registration Authority Web Interface 1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2007-09-14 | CVE-2007-4900 | Cross-Site Scripting vulnerability in RSA Envision 3.3.6Build0115 Cross-site scripting (XSS) vulnerability in the logon page in RSA EnVision 3.3.6 Build 0115 allows remote attackers to inject arbitrary web script or HTML via the username field. | 4.3 |
| 2005-12-31 | CVE-2005-4734 | Remote Stack Based Buffer Overflow vulnerability in RSA Authentication Agent IISWebAgentIF.DLL Stack-based buffer overflow in IISWebAgentIF.dll in RSA Authentication Agent for Web (aka SecurID Web Agent) 5.2 and 5.3 for IIS allows remote attackers to execute arbitrary code via a long url parameter in the Redirect method. | 6.4 |
| 2005-10-27 | CVE-2005-3329 | Cross-Site Scripting vulnerability in RSA ACE Agent Image Cross-site scripting (XSS) vulnerability in RSA Authentication Agent for Web 5.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the image parameter in a GetPic operation. network rsa | 4.3 |
| 2005-04-14 | CVE-2005-1118 | Remote Cross-Site Scripting vulnerability in RSA Authentication Agent for web 5.2 Cross-site scripting (XSS) vulnerability in IISWebAgentIF.dll in the RSA Authentication Agent for Web 5.2 allows remote attackers to inject arbitrary web script or HTML via the postdata parameter. network rsa | 4.3 |
| 2003-07-24 | CVE-2003-0389 | Unspecified vulnerability in RSA ACE Agent 5.0 Cross-site scripting (XSS) vulnerability in the secure redirect function of RSA ACE/Agent 5.0 for Windows, and 5.x for Web, allows remote attackers to insert arbitrary web script and possibly cause users to enter a passphrase via a GET request containing the script. network rsa | 4.3 |