Vignette Content Suite — known CVE vulnerabilities
Every CVE whose affected-product data names Vignette Content Suite, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2003-0403 — CVSS 7.5 (high): Vignette StoryServer 5 and Vignette V/5 allows remote attackers to read and modify license information, and cause a denial of service…
CVE-2003-0398 — CVSS 7.5 (high): Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, with the SSI EXEC feature enabled, allows remote attackers to execute arbitrary…
CVE-2003-0399 — CVSS 6.4 (medium): Vignette StoryServer 4 and 5, Vignette V/5, and possibly other versions allows remote attackers to perform unauthorized SELECT queries by…
CVE-2003-0402 — CVSS 5.0 (medium): The default login template (/vgn/login) in Vignette StoryServer 5 and Vignette V/5 generates different responses whether a user exists or…
CVE-2003-0405 — CVSS 5.0 (medium): Vignette StoryServer 5 and Vignette V/6 allows remote attackers to execute arbitrary TCL code via (1) an HTTP query or cookie which is…
CVE-2003-0400 — CVSS 5.0 (medium): Vignette StoryServer and Vignette V/5 does not properly calculate the size of text variables, which causes Vignette to return unauthorized…
CVE-2003-0401 — CVSS 5.0 (medium): Vignette StoryServer and Vignette V/5 allows remote attackers to obtain sensitive information via a request for the /vgn/style template.
CVE-2003-0404 — CVSS 4.3 (medium): Multiple Cross Site Scripting (XSS) vulnerabilities in Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, allow remote attackers to…