Centra: Security Vulnerabilities
Multiple cross-site scripting (XSS) vulnerabilities in Centra 7 allow remote attackers to inject arbitrary web script or HTML via the (1) username, (2) first name, or (3) last name fields.
CVSS Score
4.3
EPSS Score
0.003
Published
2005-05-02
CentraOne 5.2 and Centra ASP with basic authentication enabled creates world-writable base64 encoded log files, which allows local users to obtain cleartext passwords from decoded log files and impersonate users.
CVSS Score
2.1
EPSS Score
0.002
Published
2001-12-31