CVE-2015-0967

2015-04-1801:00:00

certcc

www.cve.org

7.5 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.5%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in SearchBlox before 8.2 allow remote attackers to inject arbitrary web script or HTML via (1) the search field in plugin/index.html or (2) the title field in the Create Featured Result form in admin/main.jsp.

References

www.kb.cert.org/vuls/id/697316