VYPR

Aura Experience Portal

by Avaya

CVEs (2)

  • CVE-2021-25656Jun 24, 2021
    risk 0.00cvss epss 0.00

    Stored XSS injection vulnerabilities were discovered in the Avaya Aura Experience Portal Web management which could allow an authenticated user to potentially disclose sensitive information. Affected versions include 7.0 through 7.2.3 (without hotfix) and 8.0.0 (without hotfix).

  • CVE-2021-25655Jun 24, 2021
    risk 0.00cvss epss 0.00

    A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack. Affected versions include 7.0 through 7.2.3 (without hotfix) and 8.0.0 (without hotfix).