Lucene search

Dashboard Server Security Vulnerabilities

cve

CVE-2017-14651

WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/add_collection_ajaxprocessor.jsp via the collectionName or parentPath parameter.

4.8CVSS

4.7AI Score

0.001EPSS

2017-09-21 06:29 PM

cve

CVE-2017-14995

The Management Console in WSO2 Application Server 5.3.0, WSO2 Business Process Server 3.6.0, WSO2 Business Rules Server 2.2.0, WSO2 Complex Event Processor 4.2.0, WSO2 Dashboard Server 2.0.0, WSO2 Data Analytics Server 3.1.0, WSO2 Data Services Server 3.5.1, and WSO2 Machine Learner 1.2.0 is affect...

6.1CVSS

5.2AI Score

0.001EPSS

2017-10-04 01:29 AM

cve

CVE-2019-6514

An issue was discovered in WSO2 Dashboard Server 2.0.0. It is possible to inject a JavaScript payload that will be stored in the database and then displayed and executed on the same page, aka XSS.

4.8CVSS

5AI Score

0.001EPSS

2019-05-14 03:29 PM

cve

CVE-2019-6516

An issue was discovered in WSO2 Dashboard Server 2.0.0. It is possible to force the application to perform requests to the internal workstation (port-scanning) and to perform requests to adjacent workstations (network-scanning), aka SSRF.

5.8CVSS

5.6AI Score

0.001EPSS

2019-05-14 03:29 PM

cve

CVE-2022-46784

SquaredUp Dashboard Server SCOM edition before 5.7.1 GA allows open redirection. (The issue was originally found in 5.5.1 GA.)

6.1CVSS

6.2AI Score

0.001EPSS

2023-02-23 10:15 PM

cve

CVE-2022-46785

SquaredUp Dashboard Server SCOM edition before 5.7.1 GA allows XSS (issue 1 of 2).

6.1CVSS

6AI Score

0.001EPSS

2023-02-23 10:15 PM

cve

CVE-2022-46786

SquaredUp Dashboard Server SCOM edition before 5.7.1 GA allows XSS (issue 2 of 2).

5.4CVSS

5.3AI Score

0.001EPSS

2023-02-23 08:15 PM