WiKID 2FA Enterprise Server

CVEs (3)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2019-17120	WiKID Systems WiKID 2FA Enterprise Server	—	0.50	Oct 17, 2019	A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/adm_usrs.jsp. The usr parameter is vulnerable: the reflected cross-site scripting…
CVE-2019-17116	WiKID Systems WiKID 2FA Enterprise Server	—	0.02	Oct 17, 2019	A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/groups.jsp. The groupName parameter is vulnerable: the reflected cross-site scripting…
CVE-2019-17114	WiKID Systems WiKID 2FA Enterprise Server	—	0.02	Oct 17, 2019	A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allows remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/userPreregistration.jsp. The preRegistrationData parameter is vulnerable: a reflected…

CVE-2019-17120Oct 17, 2019
WiKID Systems
WiKID 2FA Enterprise Server
risk 0.00cvss —epss 0.50
A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/adm_usrs.jsp. The usr parameter is vulnerable: the reflected cross-site scripting…
CVE-2019-17116Oct 17, 2019
WiKID Systems
WiKID 2FA Enterprise Server
risk 0.00cvss —epss 0.02
A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/groups.jsp. The groupName parameter is vulnerable: the reflected cross-site scripting…
CVE-2019-17114Oct 17, 2019
WiKID Systems
WiKID 2FA Enterprise Server
risk 0.00cvss —epss 0.02
A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allows remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/userPreregistration.jsp. The preRegistrationData parameter is vulnerable: a reflected…