Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-11727 | 1 Connectwise | 1 Manage | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
services/system_io/actionprocessor/Contact.rails in ConnectWise Manage 2017.5 allows arbitrary client-side JavaScript code execution (involving a ContactCommon field) on victims who click on a crafted link, aka XSS. | |||||
CVE-2017-11726 | 1 Connectwise | 1 Manage | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
services/system_io/actionprocessor/System.rails in ConnectWise Manage 2017.5 is vulnerable to Cross-Site Request Forgery (CSRF), as demonstrated by changing an e-mail address setting. |