CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-6189

F-Secure Radar (on-premises) before 2018-02-15 has XSS via vectors involving the Tags parameter in the JSON request body in an outbound request for the /api/latest/vulnerabilityscans/tags/batch resource, aka a "suggested metadata tags for assets" issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.2%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

http://oscarhjelm.com/blag/2018/02/f-secure-radar-persistent-cross-site-scripting-vulnerability/
http://www.securityfocus.com/bid/103100
http://oscarhjelm.com/blag/2018/02/f-secure-radar-persistent-cross-site-scripting-vulnerability/
http://www.securityfocus.com/bid/103100

Products affected by CVE-2018-6189

F-Secure » Radar » Version: 3.9.1

cpe:2.3:a:f-secure:radar:3.9.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-6189

Products

Pricing

Contact Us