Vulnerabilities (CVE)

Filtered by vendor Iii Subscribe

Filtered by product Sierra

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2014-5136	1 Iii	1 Sierra	2018-10-09	4.3 MEDIUM	N/A
Cross-site scripting (XSS) vulnerability in Innovative Interfaces Sierra Library Services Platform 1.2_3 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
CVE-2014-5137	1 Iii	1 Sierra	2018-10-09	5.0 MEDIUM	N/A
Innovative Interfaces Sierra Library Services Platform 1.2_3 provides different responses for login request depending on whether the user account exists, which allows remote attackers to enumerate account names via a series of login requests, possibly related to the Webpac Pro submodule.