Vasco : Security Vulnerabilities, CVEs,
Cross-site scripting (XSS) vulnerability in the sample feedback.inc file in VASCO DIGIPASS authentication plug-in for Citrix Web Interface allows remote attackers to inject arbitrary web script or HTML via the failmessage parameter.
Max CVSS
6.1
EPSS Score
0.18%
Published
2017-09-28
Updated
2017-10-06
VASCO IDENTIKEY Authentication Server (IAS) 3.4.x allows remote authenticated users to bypass Active Directory (AD) authentication by entering only a DIGIPASS one-time password, instead of the intended combination of this one-time password and a multiple-time AD password.
Max CVSS
3.5
EPSS Score
0.08%
Published
2014-01-13
Updated
2014-01-14
2 vulnerabilities found