Filtered by vendor Qpr
Subscribe
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-8268 | 1 Qpr | 1 Portal | 2015-02-02 | 6.4 MEDIUM | N/A |
QPR Portal before 2012.2.1 allows remote attackers to modify or delete notes via a direct request. | |||||
CVE-2014-8267 | 1 Qpr | 1 Portal | 2015-02-02 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in QPR Portal 2014.1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the RID parameter. | |||||
CVE-2014-8266 | 1 Qpr | 1 Portal | 2015-02-02 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the note-creation page in QPR Portal 2014.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) body field. |