Vulnerabilities > Secomea > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2022-05-04	CVE-2022-25784	Cross-site Scripting vulnerability in Secomea products Cross-site Scripting (XSS) vulnerability in Web GUI of SiteManager allows logged-in user to inject scripting. network secomea CWE-79	3.5
2022-03-10	CVE-2021-32005	Cross-site Scripting vulnerability in Secomea products Cross-site Scripting (XSS) vulnerability in log view of Secomea SiteManager allows a logged in user to store javascript for later execution. network secomea CWE-79	3.5
2021-08-05	CVE-2021-32003	Insufficiently Protected Credentials vulnerability in Secomea Sitemanager Firmware Unprotected Transport of Credentials vulnerability in SiteManager provisioning service allows local attacker to capture credentials if the service is used after provisioning. local low complexity secomea CWE-522	2.1
2021-08-05	CVE-2021-32002	Unspecified vulnerability in Secomea Sitemanager Firmware Improper Access Control vulnerability in web service of Secomea SiteManager allows local attacker without credentials to gather network information and configuration of the SiteManager. local low complexity secomea	2.1
2021-02-16	CVE-2020-29027	Cross-site Scripting vulnerability in Secomea products Cross-site Scripting (XSS) vulnerability in GUI of Secomea SiteManager could allow an attacker to cause an XSS Attack. network secomea CWE-79	3.5
2021-02-08	CVE-2020-29021	Cross-site Scripting vulnerability in Secomea products A vulnerability in web UI input field of GateManager allows authenticated attacker to enter script tags that could cause XSS. network secomea CWE-79	3.5