Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-35207PUBLISHED: 2020-12-12
** DISPUTED ** An issue was discovered in the LogMein LastPass Password Manager (aka com.lastpass.ilastpass) app 4.8.11.2403 for iOS. The PIN authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker could a...
CVE-2020-35208PUBLISHED: 2020-12-12
** DISPUTED ** An issue was discovered in the LogMein LastPass Password Manager (aka com.lastpass.ilastpass) app 4.8.11.2403 for iOS. The password authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker co...
CVE-2020-35200PUBLISHED: 2020-12-12Ignite Realtime Openfire 4.6.0 has plugins/clientcontrol/spark-form.jsp Reflective XSS.
CVE-2020-35201PUBLISHED: 2020-12-12Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp users Stored XSS.
CVE-2020-35202PUBLISHED: 2020-12-12Ignite Realtime Openfire 4.6.0 has plugins/dbaccess/db-access.jsp sql Stored XSS.