Lucene search
PRIOn knowledge basePRION:CVE-2014-3148HistoryAug 31, 2015 - 6:59 p.m.
Cross site scripting
2015-08-3118:59:00
PRIOn knowledge base
www.prio-n.com
4
6.1 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
58.8%
Cross-site scripting (XSS) vulnerability in libahttp/err.c in OkCupid OKWS (OK Web Server) allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to a non-existent page, which is not properly handled in a 404 error page.
Related
cvelist
cvelist
CVE-2014-3148
2015-08-31 18:00:00
packetstorm
packetstorm
OKCupid Cross Site Scripting
2014-09-21 00:00:00
cve
cve
CVE-2014-3148
2015-08-31 18:59:00
freebsd
freebsd
cURL -- multiple vulnerabilities
2015-04-22 00:00:00
nessus
nessus
6.1 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
58.8%
Related for PRION:CVE-2014-3148