An attacker could construct a URL within the application that causes a redirection to an arbitrary external domain and could be leveraged to facilitate phishing attacks against application...
6.1CVSS
7.2AI Score
0.0005EPSS
Through the exploitation of active user sessions, an attacker could send custom requests to cause a denial-of-service condition on the...
7.5CVSS
7AI Score
0.0005EPSS
A successful CSRF attack could force the user to perform state changing requests on the application. If the victim is an administrative account, a CSRF attack could compromise the entire web...
8.8CVSS
7.2AI Score
0.001EPSS
An attacker with network access could perform a man-in-the-middle (MitM) attack and capture sensitive information to gain unauthorized access to the...
5.9CVSS
6.8AI Score
0.001EPSS
An attacker could create malicious requests to obtain sensitive information about the web...
5.3CVSS
6.5AI Score
0.0005EPSS
A user without administrator permissions with access to the UC500 windows system could perform a memory dump of the running processes and extract clear credentials or valid session...
4.3CVSS
7.2AI Score
0.0004EPSS