Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-3628HistoryJan 06, 2015 - 3:59 p.m.
CVE-2014-3628
2015-01-0615:59:00
Debian Security Bug Tracker
security-tracker.debian.org
10
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.02 Low
EPSS
Percentile
88.8%
Cross-site scripting (XSS) vulnerability in the Admin UI Plugin / Stats page in Apache Solr 4.x before 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the fieldvaluecache object.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | lucene-solr | < 3.6.2+dfsg-26 | lucene-solr_3.6.2+dfsg-26_all.deb |
| Debian | 11 | all | lucene-solr | < 3.6.2+dfsg-24 | lucene-solr_3.6.2+dfsg-24_all.deb |
| Debian | 999 | all | lucene-solr | < 3.6.2+dfsg-26 | lucene-solr_3.6.2+dfsg-26_all.deb |
| Debian | 13 | all | lucene-solr | < 3.6.2+dfsg-26 | lucene-solr_3.6.2+dfsg-26_all.deb |
Related
osv
osv
Improper Neutralization of Input During Web Page Generation in Apache Solr
2022-05-17 04:17:55
cve
cve
CVE-2014-3628
2015-01-06 15:59:00
nvd
nvd
CVE-2014-3628
2015-01-06 15:59:00
nessus
nessus
Apache Solr < 4.10.5 'plugin.js' XSS
2015-03-24 00:00:00
github
github
Improper Neutralization of Input During Web Page Generation in Apache Solr
2022-05-17 04:17:55
ubuntucve
ubuntucve
CVE-2014-3628
2015-01-06 00:00:00
cvelist
cvelist
CVE-2014-3628
2015-01-06 15:00:00
prion
prion
Cross site scripting
2015-01-06 15:59:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.02 Low
EPSS
Percentile
88.8%
Related for DEBIANCVE:CVE-2014-3628