Lucene search

MitreCVELIST:CVE-2014-9179

HistoryDec 02, 2014 - 4:00 p.m.

CVE-2014-9179

2014-12-0216:00:00

mitre

www.cve.org

cve-2014-9179

xss

supportezzy ticket system

wordpress

remote authenticated users

web script

html

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

45.9%

JSON

Cross-site scripting (XSS) vulnerability in the SupportEzzy Ticket System plugin 1.2.5 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the “URL (optional)” field in a new ticket.

References

packetstormsecurity.com/files/129103/WordPress-SupportEzzy-Ticket-System-1.2.5-Cross-Site-Scripting.html