Lucene search

K
cvelistMitreCVELIST:CVE-2014-3148
HistoryAug 31, 2015 - 6:00 p.m.

CVE-2014-3148

2015-08-3118:00:00
mitre
www.cve.org

5.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.6%

Cross-site scripting (XSS) vulnerability in libahttp/err.c in OkCupid OKWS (OK Web Server) allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to a non-existent page, which is not properly handled in a 404 error page.

5.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.6%

Related for CVELIST:CVE-2014-3148