CVE Security Report - SICS ADH Server

This report is generated on: 26.03.2020, 12:29:30 UTC using dependency-check version: 5.0.0.

The report contains data retrieved from the National Vulnerability Database: https://nvd.nist.gov, NPM Public Advisories: https://www.npmjs.com/advisories, and the RetireJS community.

Name	Description	CWE	CVSS v2.0 Severity	Dependency
CVE-2020-9382	An issue was discovered in the Widgets extension through 1.4.0 for MediaWiki. Improper title sanitization allowed for the execution of any wiki page as a widget (as defined by this extension) via MediaWiki’s #widget: parser function.	CWE-732	MEDIUM	org.eclipse.e4.ui.widgets-1.2.600.jar
CVE-2020-9382	An issue was discovered in the Widgets extension through 1.4.0 for MediaWiki. Improper title sanitization allowed for the execution of any wiki page as a widget (as defined by this extension) via MediaWiki’s #widget: parser function.	CWE-732	MEDIUM	org.eclipse.nebula.widgets.cdatetime-1.3.0.201812241324.jar
CVE-2020-9382	An issue was discovered in the Widgets extension through 1.4.0 for MediaWiki. Improper title sanitization allowed for the execution of any wiki page as a widget (as defined by this extension) via MediaWiki’s #widget: parser function.	CWE-732	MEDIUM	org.eclipse.nebula.widgets.formattedtext-1.0.0.201806070735.jar
CVE-2020-9382	An issue was discovered in the Widgets extension through 1.4.0 for MediaWiki. Improper title sanitization allowed for the execution of any wiki page as a widget (as defined by this extension) via MediaWiki’s #widget: parser function.	CWE-732	MEDIUM	org.eclipse.nebula.widgets.pgroup-1.0.0.201812241324.jar
CVE-2020-9382	An issue was discovered in the Widgets extension through 1.4.0 for MediaWiki. Improper title sanitization allowed for the execution of any wiki page as a widget (as defined by this extension) via MediaWiki’s #widget: parser function.	CWE-732	MEDIUM	org.eclipse.nebula.widgets.pshelf-1.1.0.201812241324.jar