Lucene search

K
cvelistMitreCVELIST:CVE-2014-6439
HistoryOct 10, 2014 - 1:00 a.m.

CVE-2014-6439

2014-10-1001:00:00
mitre
www.cve.org

5.5 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.3%

Cross-site scripting (XSS) vulnerability in the CORS functionality in Elasticsearch before 1.4.0.Beta1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

5.5 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.3%