ByteOS Network

NVD

N/A

2Vulnerabilities found

CVSS Score-6.1||MEDIUM

EPSS-0.24% / 47.17%

7 Day CHG~0.00%

Published-30 Dec, 2021 | 12:33

Updated-04 Aug, 2024 | 04:54

SAFARI Montage 8.7.32 is affected by a CRLF injection vulnerability which can lead to HTTP response splitting.

CWE ID-CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CVSS Score-6.1||MEDIUM

EPSS-1.67% / 81.35%

7 Day CHG~0.00%

Published-28 Dec, 2021 | 12:21

Updated-04 Aug, 2024 | 04:39

Reflected Cross Site Scripting (XSS) in SAFARI Montage versions 8.3 and 8.5 allows remote attackers to execute JavaScript codes.

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')