CVE-2014-9580

2015-01-08T14:59:00
ID CVE-2014-9580
Type cve
Reporter NVD
Modified 2017-09-07T21:29:36

Description

Cross-site scripting (XSS) vulnerability in ProjectSend (formerly cFTP) r561 allows remote attackers to inject arbitrary web script or HTML via the Description field in a file upload. NOTE: this issue was originally incorrectly mapped to CVE-2014-1155; see CVE-2014-1155 for more information.