Lucene search

K

MitreCVELIST:CVE-2014-100004

HistoryJan 13, 2015 - 11:00 a.m.

CVE-2014-100004

2015-01-1311:00:00

mitre

www.cve.org

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.4%

Cross-site scripting (XSS) vulnerability in Sitecore CMS before 7.0 Update-4 (rev. 140120) allows remote attackers to inject arbitrary web script or HTML via the xmlcontrol parameter to the default URI. NOTE: some of these details are obtained from third party information.

References

osvdb.org/102660

secunia.com/advisories/56705

sitecorekh.blogspot.dk/2014/01/sitecore-releases-70-update-4-rev-140120.html

www.securityfocus.com/archive/1/530901/100/0/threaded

www.securityfocus.com/bid/65254

exchange.xforce.ibmcloud.com/vulnerabilities/90833

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.4%

Related for CVELIST:CVE-2014-100004

openvas1 prion1 cve1 nvd1