F-Secure Radar Login Page Unvalidated Redirect Vulnerability

CVE-2018-6324 https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6324 Summary The application will upon successfully logging in redirect the user to a user-controlled destination. A victim user may not recognise that a redirection takes place as they expect to be sent to a new page. Vendor Description F-Secure Radar is a turnkey vulnerability scanning and management platform. It allows you to identify […]

F-Secure Radar Persistent Cross-Site Scripting Vulnerability

CVE-2018-6189 https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6189 Summary The application can suggest metadata tags for assets, and in doing so it can execute JavaScript entered previously by a malicious user. Vendor Description F-Secure Radar is a turnkey vulnerability scanning and management platform. It allows you to identify and manage both internal and external threats, report risks, and be compliant with […]