Lucene search
HistoryMay 08, 2014 - 2:29 p.m.
CVE-2014-2689
cve
2014
2689
cross-site scripting
xss
vulnerability
offiria
path_info
installer
nvd
5.6 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
55.5%
Cross-site scripting (XSS) vulnerability in Offiria 2.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to installer/index.php.
| CPE | Name | Operator | Version |
|---|---|---|---|
| slashes\&dots:offria | slashes\&dots offria | le | 2.1.0 |
Related
prion
prion
Cross site scripting
2014-05-08 14:29:00
htbridge
htbridge
Cross-Site Scripting (XSS) in Offiria
2014-04-02 00:00:00
securityvulns
securityvulns
[oss-security] CVE Request ---- SOAPpy 0.12.5 Multiple Vulnerabilities
2014-05-10 00:00:00
Cross-Site Scripting (XSS) in Offiria
2014-05-10 00:00:00
openvas
openvas
Offiria Cross-Site Scripting Vulnerability
2015-05-27 00:00:00
packetstorm
packetstorm
Offiria 2.1.0 Cross Site Scripting
2014-05-07 00:00:00
zdt
zdt
Offiria 2.1.0 Cross Site Scripting Vulnerability
2014-05-08 00:00:00
cvelist
cvelist
CVE-2014-2689
2014-05-08 14:00:00
5.6 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
55.5%
Related for CVE-2014-2689