Avaya Aura Experience Portal — known CVE vulnerabilities
Every CVE whose affected-product data names Avaya Aura Experience Portal, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2016-5285 — CVSS 7.5 (high): A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey /…
CVE-2023-7031 — CVSS 5.7 (medium): Insecure Direct Object Reference vulnerabilities were discovered in the Avaya Aura Experience Portal Manager which may allow partial…
CVE-2021-25656 — CVSS 5.3 (medium): Stored XSS injection vulnerabilities were discovered in the Avaya Aura Experience Portal Web management which could allow an authenticated…
CVE-2021-25655 — CVSS 4.4 (medium): A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site…