Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5
CVE-2021-22140
- EPSS 0.37%
- Published 13.05.2021 18:15:09
- Last modified 21.11.2024 05:49:35
Elastic App Search versions after 7.11.0 and before 7.12.0 contain an XML External Entity Injection issue (XXE) in the App Search web crawler beta feature. Using this vector, an attacker whose website is being crawled by App Search could craft a mali...
6.1
CVE-2020-7011
- EPSS 0.32%
- Published 03.06.2020 18:15:22
- Last modified 21.11.2024 05:36:29
Elastic App Search versions before 7.7.0 contain a cross site scripting (XSS) flaw when displaying document URLs in the Reference UI. If the Reference UI injects a URL into a result, that URL will be rendered by the web browser. If an attacker is abl...
1