MEDIUM🇵🇱 Wersja polska

CVE-2018-1233

CVSS 6.1v3.0pub. 2018-03-30upd. 2024-11-21

RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are affected by a cross-site scripting vulnerability. The attackers could potentially exploit this vulnerability to execute arbitrary HTML or JavaScript code in the user's browser session in the context of the affected website.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  • Rsa Authentication Agent For Web

    APP
    Rsa
    ≤ 8.0.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XSS
CWE
References

Related vulnerabilities

CVE-2017-14377CRITICAL9.8ten sam produkt

EMC RSA Authentication Agent for Web: Apache Web Server version 8.0 and RSA Authentication Agent for Web: Apac...

CVE-2018-1232HIGH7.5ten sam produkt

RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by ...

CVE-2018-1234MEDIUM5.5ten sam produkt

RSA Authentication Agent version 8.0.1 and earlier for Web for IIS is affected by a problem where access contr...

CVE-2010-3261MEDIUM5.0ten sam produkt

Directory traversal vulnerability in RSA Authentication Agent 7.0 before P2 for Web allows remote attackers to...

CVE-2005-4734MEDIUM6.4ten sam produkt

Stack-based buffer overflow in IISWebAgentIF.dll in RSA Authentication Agent for Web (aka SecurID Web Agent) 5...