Aggregates CVE and security vulnerability intelligence across all vadesecure-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk cross-site scripting, with potential vendor impact session compromise across vendor surface software deployment and vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-29714 | Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via the username, password, and language cookies parameter. | [email protected] | 6.1 | 0.68% | 2023-06-09 | 2025-01-06 |
| CVE-2023-29713 | Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via a crafted payload to the GET request after the /css/ directory. | [email protected] | 6.1 | 0.68% | 2023-06-09 | 2025-01-06 |
| CVE-2023-29712 | Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via a crafted payload to the X-Rewrite-URL parameter. | [email protected] | 6.1 | 0.88% | 2023-06-09 | 2025-01-06 |