Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for vibe by microfocus

    CVE-2020-9520 (GCVE-0-2020-9520)

    Vulnerability from nvd – Published: 2020-03-25 20:59 – Updated: 2024-08-04 10:34
    VLAI
    Summary
    A stored XSS vulnerability was discovered in Micro Focus Vibe, affecting all Vibe version prior to 4.0.7. The vulnerability could allows a remote attacker to craft and store malicious content into Vibe such that when the content is viewed by another user of the system, attacker controlled JavaScript will execute in the security context of the target user’s browser.
    Severity
    No CVSS data available.
    CWE
    • Stored XSS
    Assigner
    References
    Impacted products
    Vendor Product Version
    Micro Focus International Micro Focus Vibe. Affected: All Vibe version prior to Vive 4.0.7.
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:39.519Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://softwaresupport.softwaregrp.com/doc/KM03630475"
              },
              {
                "name": "20200327 [SYSS-2019-047] Micro Focus Vibe - Cross-Site Scripting (CVE-2020-9520)",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2020/Mar/50"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Micro Focus Vibe.",
              "vendor": "Micro Focus International",
              "versions": [
                {
                  "status": "affected",
                  "version": "All Vibe version prior to Vive 4.0.7."
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A stored XSS vulnerability was discovered in Micro Focus Vibe, affecting all Vibe version prior to 4.0.7. The vulnerability could allows a remote attacker to craft and store malicious content into Vibe such that when the content is viewed by another user of the system, attacker controlled JavaScript will execute in the security context of the target user\u2019s browser."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Stored XSS",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:34.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://softwaresupport.softwaregrp.com/doc/KM03630475"
            },
            {
              "name": "20200327 [SYSS-2019-047] Micro Focus Vibe - Cross-Site Scripting (CVE-2020-9520)",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2020/Mar/50"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "ID": "CVE-2020-9520",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Micro Focus Vibe.",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All Vibe version prior to Vive 4.0.7."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Focus International"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A stored XSS vulnerability was discovered in Micro Focus Vibe, affecting all Vibe version prior to 4.0.7. The vulnerability could allows a remote attacker to craft and store malicious content into Vibe such that when the content is viewed by another user of the system, attacker controlled JavaScript will execute in the security context of the target user\u2019s browser."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Stored XSS"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://softwaresupport.softwaregrp.com/doc/KM03630475",
                  "refsource": "MISC",
                  "url": "https://softwaresupport.softwaregrp.com/doc/KM03630475"
                },
                {
                  "name": "20200327 [SYSS-2019-047] Micro Focus Vibe - Cross-Site Scripting (CVE-2020-9520)",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2020/Mar/50"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2020-9520",
        "datePublished": "2020-03-25T20:59:48.000Z",
        "dateReserved": "2020-03-01T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:34:39.519Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9520 (GCVE-0-2020-9520)

    Vulnerability from cvelistv5 – Published: 2020-03-25 20:59 – Updated: 2024-08-04 10:34
    VLAI
    Summary
    A stored XSS vulnerability was discovered in Micro Focus Vibe, affecting all Vibe version prior to 4.0.7. The vulnerability could allows a remote attacker to craft and store malicious content into Vibe such that when the content is viewed by another user of the system, attacker controlled JavaScript will execute in the security context of the target user’s browser.
    Severity
    No CVSS data available.
    CWE
    • Stored XSS
    Assigner
    References
    Impacted products
    Vendor Product Version
    Micro Focus International Micro Focus Vibe. Affected: All Vibe version prior to Vive 4.0.7.
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:39.519Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://softwaresupport.softwaregrp.com/doc/KM03630475"
              },
              {
                "name": "20200327 [SYSS-2019-047] Micro Focus Vibe - Cross-Site Scripting (CVE-2020-9520)",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2020/Mar/50"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Micro Focus Vibe.",
              "vendor": "Micro Focus International",
              "versions": [
                {
                  "status": "affected",
                  "version": "All Vibe version prior to Vive 4.0.7."
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A stored XSS vulnerability was discovered in Micro Focus Vibe, affecting all Vibe version prior to 4.0.7. The vulnerability could allows a remote attacker to craft and store malicious content into Vibe such that when the content is viewed by another user of the system, attacker controlled JavaScript will execute in the security context of the target user\u2019s browser."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Stored XSS",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:34.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://softwaresupport.softwaregrp.com/doc/KM03630475"
            },
            {
              "name": "20200327 [SYSS-2019-047] Micro Focus Vibe - Cross-Site Scripting (CVE-2020-9520)",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2020/Mar/50"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "ID": "CVE-2020-9520",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Micro Focus Vibe.",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All Vibe version prior to Vive 4.0.7."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Focus International"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A stored XSS vulnerability was discovered in Micro Focus Vibe, affecting all Vibe version prior to 4.0.7. The vulnerability could allows a remote attacker to craft and store malicious content into Vibe such that when the content is viewed by another user of the system, attacker controlled JavaScript will execute in the security context of the target user\u2019s browser."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Stored XSS"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://softwaresupport.softwaregrp.com/doc/KM03630475",
                  "refsource": "MISC",
                  "url": "https://softwaresupport.softwaregrp.com/doc/KM03630475"
                },
                {
                  "name": "20200327 [SYSS-2019-047] Micro Focus Vibe - Cross-Site Scripting (CVE-2020-9520)",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2020/Mar/50"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2020-9520",
        "datePublished": "2020-03-25T20:59:48.000Z",
        "dateReserved": "2020-03-01T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:34:39.519Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }