MidnightBSD

Advisories for infovista

CVE-2006-0862 MEDIUM

Unspecified vulnerability in InfoVista PortalSE 2.0 Build 20087 on Solaris 8 without the IV00038969 hotfix allows remote attackers to read arbitrary files via a crafted URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
infovista portalse 2.0_build_20087
CVE-2006-0863 MEDIUM

InfoVista PortalSE 2.0 Build 20087 on Solaris 8 allows remote attackers to obtain sensitive information by specifying a nonexistent server in the server field, which reveals the path in an error message.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
infovista portalse 2.0_build_20087
CVE-2018-19649 MEDIUM

XSS exists in InfoVista VistaPortal SE Version 5.1 (build 51029). VPortal/mgtconsole/RolePermissions.jsp has reflected XSS via the ConnPoolName parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19765 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentPresentSpace.jsp" has reflected XSS via the ConnPoolName, GroupId, and ParentId parameters.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19766 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "GroupRessourceAdmin.jsp" has reflected XSS via the ConnPoolName parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19767 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "PresentSpace.jsp" has reflected XSS via the ConnPoolName and GroupId parameters.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19768 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "SubPagePackages.jsp" has reflected XSS via the ConnPoolName and GroupId parameters.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19769 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "UserProperties.jsp" has reflected XSS via the ConnPoolName parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19770 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "Users.jsp" has reflected XSS via the ConnPoolName parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19771 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentPool.jsp" has reflected XSS via the PropName parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19772 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentPresentSpace.jsp" has reflected XSS via the ConnPoolName, GroupId, and ParentId parameters.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19773 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentUser.jsp" has reflected XSS via the GroupId and ConnPoolName parameters.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19774 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "PresentSpace.jsp" has reflected XSS via the GroupId and ConnPoolName parameters.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19775 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "Variables.jsp" has reflected XSS via the ConnPoolName and GroupId parameters.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19809 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/GroupCopy.jsp" has reflected XSS via the ConnPoolName, GroupId, or type parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19810 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/GroupMove.jsp" has reflected XSS via the ConnPoolName, GroupId, or type parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19811 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Import.jsp" has reflected XSS via the ConnPoolName parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19812 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/SubFolderPackages.jsp" has reflected XSS via the GroupId parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19813 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Subscribers.jsp" has reflected XSS via the ConnPoolName or GroupId parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19814 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Subscriptions.jsp" has reflected XSS via the ConnPoolName or GroupId parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19815 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/UserPopupAddNewProp.jsp" has reflected XSS via the ConnPoolName parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19816 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/categorytree/ChooseCategory.jsp" has reflected XSS via the ConnPoolName parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19817 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/AdminAuthorisationFrame.jsp" has reflected XSS via the ConnPoolName or GroupId parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19818 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Contacts.jsp" has reflected XSS via the ConnPoolName parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19819 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Rights.jsp" has reflected XSS via the ConnPoolName parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19820 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Roles.jsp" has reflected XSS via the ConnPoolName parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19821 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/SecurityPolicies.jsp" has reflected XSS via the ConnPoolName parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1
CVE-2018-19822 MEDIUM

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/SharedCriteria.jsp" has reflected XSS via the ConnPoolName or GroupId parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
infovista vistaportal 5.1