Lucene search
MitreCVE-2014-9179HistoryDec 02, 2014 - 4:59 p.m.
CVE-2014-9179
2014-12-0216:59:16
CWE-79
mitre
web.nvd.nist.gov
23
cve-2014-9179
cross-site scripting
xss
vulnerability
supportezzy ticket system
wordpress
plugin
nvd
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
45.9%
Cross-site scripting (XSS) vulnerability in the SupportEzzy Ticket System plugin 1.2.5 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the “URL (optional)” field in a new ticket.
Affected configurations
Node
supportezzy_ticket_system_projectsupportezzy_ticket_systemMatch1.2.5wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| supportezzy_ticket_system_project | supportezzy_ticket_system | 1.2.5 | cpe:2.3:a:supportezzy_ticket_system_project:supportezzy_ticket_system:1.2.5:*:*:*:*:wordpress:*:* |
Related
patchstack
patchstack
WordPress SupportEzzy Ticket System Plugin 1.2.5 - Stored XSS
2014-11-12 00:00:00
cvelist
cvelist
CVE-2014-9179
2014-12-02 16:00:00
nvd
nvd
CVE-2014-9179
2014-12-02 16:59:16
wpvulndb
wpvulndb
SupportEzzy Ticket System 1.2.5 - Cross Site Scripting
2014-11-13 19:41:09
prion
prion
Cross site scripting
2014-12-02 16:59:00
exploitdb
exploitdb
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
45.9%
Related for CVE-2014-9179