Lucene search

K

MitreCVELIST:CVE-2014-9433

HistoryDec 31, 2014 - 10:00 p.m.

CVE-2014-9433

2014-12-3122:00:00

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.1%

Multiple cross-site scripting (XSS) vulnerabilities in cms/front_content.php in Contenido before 4.9.6, when advanced mod rewrite (AMR) is disabled, allow remote attackers to inject arbitrary web script or HTML via the (1) idart, (2) lang, or (3) idcat parameter.

References

packetstormsecurity.com/files/129713/CMS-Contenido-4.9.5-Cross-Site-Scripting.html

seclists.org/fulldisclosure/2014/Dec/111

secunia.com/advisories/61396

sroesemann.blogspot.de/2014/12/report-for-advisory-sroeadv-2014-03.html

www.contenido.org/de/cms/CONTENIDO/News/index-c-2044-3.html

www.securityfocus.com/archive/1/534320/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/99497

5.8 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.1%

Related for CVELIST:CVE-2014-9433

cve1 openvas1 prion1 nvd1