Telaxius Epesi vulnerabilities
7 known vulnerabilities affecting telaxius/epesi.
Total CVEs
7
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM7
Vulnerabilities
Page 1 of 1
CVE-2017-14717P4MEDIUMCVSS 5.4PoC≤ 1.8.2.42017-09-22
CVE-2017-14717 [MEDIUM] CWE-79 CVE-2017-14717: In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Description parameter.
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Description parameter.
nvd
CVE-2017-14712P4MEDIUMCVSS 5.4PoC≤ 1.8.22017-09-22
CVE-2017-14712 [MEDIUM] CWE-79 CVE-2017-14712: In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Phonecall Notes Title parameter.
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Phonecall Notes Title parameter.
nvd
CVE-2017-14715P4MEDIUMCVSS 5.4≤ 1.8.2.42017-09-22
CVE-2017-14715 [MEDIUM] CWE-79 CVE-2017-14715: In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Alerts Title parameter.
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Alerts Title parameter.
nvd
CVE-2017-14716P4MEDIUMCVSS 5.4≤ 1.8.2.42017-09-22
CVE-2017-14716 [MEDIUM] CWE-79 CVE-2017-14716: In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Title parameter.
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Title parameter.
nvd
CVE-2017-14713P4MEDIUMCVSS 5.4≤ 1.8.2.42017-09-22
CVE-2017-14713 [MEDIUM] CWE-79 CVE-2017-14713: In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls Description parameter.
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls Description parameter.
nvd
CVE-2017-8763P4MEDIUMCVSS 6.1≤ 1.8.22017-05-04
CVE-2017-8763 [MEDIUM] CWE-79 CVE-2017-8763: Cross-site scripting (XSS) vulnerability in modules/Base/Box/check_for_new_version.php in EPESI in T
Cross-site scripting (XSS) vulnerability in modules/Base/Box/check_for_new_version.php in EPESI in Telaxus/EPESI 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URI that lacks the cid parameter.
nvd
CVE-2017-14714P4MEDIUMCVSS 5.4≤ 1.8.2.42017-09-22
CVE-2017-14714 [MEDIUM] CWE-79 CVE-2017-14714: In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls Subject parameter.
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls Subject parameter.
nvd