Lucene search

K

RedhatCVELIST:CVE-2014-0232

HistoryAug 22, 2014 - 2:00 p.m.

CVE-2014-0232

2014-08-2214:00:00

redhat

www.cve.org

1

5.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.7%

Multiple cross-site scripting (XSS) vulnerabilities in framework/common/webcommon/includes/messages.ftl in Apache OFBiz 11.04.01 before 11.04.05 and 12.04.01 before 12.04.04 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in a (1) result or (2) error message.

References

ofbiz.apache.org/download.html#vulnerabilities

packetstormsecurity.com/files/127929/Apache-OFBiz-11.04.04-12.04.03-Cross-Site-Scripting.html

seclists.org/oss-sec/2014/q3/405

secunia.com/advisories/60807

svn.apache.org/viewvc?view=revision&revision=r1608698

www.securityfocus.com/archive/1/533163/100/0/threaded

www.securityfocus.com/bid/69286

www.securitytracker.com/id/1030739

exchange.xforce.ibmcloud.com/vulnerabilities/95356

5.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.7%

Related for CVELIST:CVE-2014-0232

nvd1 securityvulns1 prion1 cve1