Lucene search
HistoryMay 20, 2014 - 2:55 p.m.
CVE-2014-3738
cve
2014
3738
cross-site scripting
xss
vulnerability
zenoss
remote attackers
web script
html
5.7 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.007 Low
EPSS
Percentile
79.3%
Cross-site scripting (XSS) vulnerability in Zenoss 4.2.5 allows remote attackers to inject arbitrary web script or HTML via the title of a device.
| CPE | Name | Operator | Version |
|---|---|---|---|
| zenoss:zenoss | zenoss | eq | 4.2.5 |
References
Related
exploitpack
exploitpack
Zenoss Monitoring System 4.2.5-2108 (x64) - Persistent Cross-Site Scripting
2014-07-25 00:00:00
zdt
zdt
Zenoss Monitoring System 4.2.5-2108 64bit - Stored XSS Vulnerability
2014-07-25 00:00:00
packetstorm
packetstorm
Zenoss Monitoring System 4.2.5-2108 Cross Site Scripting
2014-07-25 00:00:00
seebug
seebug
Zenoss Monitoring System 4.2.5-2108 64bit - Stored XSS
2014-07-25 00:00:00
prion
prion
Cross site scripting
2014-05-20 14:55:00
cvelist
cvelist
CVE-2014-3738
2014-05-20 14:00:00
exploitdb
exploitdb
Zenoss Monitoring System 4.2.5-2108 (x64) - Persistent Cross-Site Scripting
2014-07-25 00:00:00
securityvulns
securityvulns
5.7 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.007 Low
EPSS
Percentile
79.3%
Related for CVE-2014-3738