CVE-2014-6254

2014-12-15T13:59:07
ID CVE-2014-6254
Type cve
Reporter NVD
Modified 2014-12-16T09:06:13

Description

Multiple cross-site scripting (XSS) vulnerabilities in Zenoss Core through 5 Beta 3 allow remote attackers to inject arbitrary web script or HTML via an attribute in a (1) device name, (2) device detail, (3) report name, (4) report detail, or (5) portlet name, or (6) a string to a helper method, aka ZEN-15381 and ZEN-15410.