Captive Portal can expose sensitive information
Captive Portal can allow authentication bypass
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could
cause information disclosure of restricted web page, modification of web page and denial of
service
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Priority
PRI WEB Portal Add-On for Priority ERP on prem
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
Cybonet - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
The administrator is able to configure an insecure captive portal script
A vulnerability in the Captive Portal of an AOS-10 GW and AOS-8 Controller/Mobility Conductor could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack. Successful exploit
A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that caus
Priority – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
AccuPOS - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Priority – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that
could cause exposure of credentials when attacker has access to application on network over
http
The Kiwire Captive Portal contains a reflected cross-site scripting (XSS) vulnerability within the login-url parameter, allowing for Javascript execution.
This vulnerability could be exploited, leading to unauthorized disclosure of information to authenticated users.
CWE-200: Information Exposure vulnerability exists that could cause disclosure of
credentials when a specially crafted message is sent to the device.
Mashov – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Page 1+ Next →