syedsohaibkarim

2 exploits Active since Apr 2021
CVE-2021-27989 WRITEUP MEDIUM WRITEUP
Appspace 6.2.4 - Stored Cross-Site Scripting in /medianet/sgcontentset.aspx
Appspace 6.2.4 is vulnerable to stored cross-site scripting (XSS) in multiple parameters within /medianet/sgcontentset.aspx.
CVSS 5.4
CVE-2021-27990 WRITEUP HIGH WRITEUP
Appspace 6.2.4 - Improper Authentication via Direct Page Access
Appspace 6.2.4 is vulnerable to a broken authentication mechanism where pages such as /medianet/mail.aspx can be called directly and the framework is exposed with layouts, menus and functionalities.
CVSS 7.5