Redhat: >> Interchange Security Vulnerabilities
XSS in the admin help system admin/help.html and admin/quicklinks.html in Interchange 4.7.0 through 5.11.x allows remote attackers to steal credentials or data via browser JavaScript.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-05-15
The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//).
CVSS Score
5.0
EPSS Score
0.032
Published
2003-10-27
Vulnerability in Interchange 4.8.6, 4.8.3, and other versions, when running in INET mode, allows remote attackers to read arbitrary files.
CVSS Score
5.0
EPSS Score
0.043
Published
2002-09-05