Vulnerabilities > Trendmicro > Worry Free Business Security Services > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-06-19 CVE-2016-1224 Cross-site Scripting vulnerability in Trendmicro products
CRLF injection vulnerability in Trend Micro Worry-Free Business Security Service 5.x and Worry-Free Business Security 9.0 allows remote attackers to inject arbitrary HTTP headers and conduct cross-site scripting (XSS) attacks via unspecified vectors.
network
low complexity
trendmicro CWE-79
6.1
2016-06-19 CVE-2016-1223 Path Traversal vulnerability in Trendmicro products
Directory traversal vulnerability in Trend Micro Office Scan 11.0, Worry-Free Business Security Service 5.x, and Worry-Free Business Security 9.0 allows remote attackers to read arbitrary files via unspecified vectors.
network
low complexity
trendmicro CWE-22
5.3