Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 1:40 p.m.14 views

CVE-2014-2231

Cross-site scripting XSS vulnerability in the API in synetics i-doit pro before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via a property title...

4.3CVSS5.8AI score0.00939EPSS
Exploits1References1
seebug.org
seebug.org
added 2014/03/06 12:0 a.m.29 views

synetics i-doit pro API跨站脚本漏洞

BUGTRAQ ID:65957 CVE ID:CVE-2014-2231 Synetics i-doit是德国Synetics公司的一个基于Web的开源IT文档和CMDB(配置管理数据库),它能够记录IT系统及其变化的信息,同时针对系统变化制定应急方案,最终确保IT网络稳定、高效的运作。 synetics i-doit 1.2.5之前版本的的API存在跨站脚本漏洞,允许远程攻击者通过产权注入任意的web脚本或HTML。 0 synetics GmbH i-doit 1.2.4 synetics GmbH i-doit 1.1.1 synetics GmbH i-doit 1.1.2...

4.3CVSS6.7AI score0.00939EPSS
Exploits1
NVD
NVD
added 2014/02/27 3:55 p.m.21 views

CVE-2014-2231

Cross-site scripting XSS vulnerability in the API in synetics i-doit pro before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via a property title...

4.3CVSS5.6AI score0.00939EPSS
Exploits1References2
CVE
CVE
added 2014/02/27 3:0 p.m.50 views

CVE-2014-2231

CVE-2014-2231 affects synetics i-doit pro API prior to 1.2.5, where an XSS flaw allows remote attackers to inject arbitrary web script/HTML via the title property. Affected: synetics i-doit pro before 1.2.5 (API component). Root cause: improper handling/validation of the title field in API input....

4.3CVSS5.8AI score0.00939EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2014/02/27 3:0 p.m.28 views

CVE-2014-2231

Cross-site scripting XSS vulnerability in the API in synetics i-doit pro before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via a property title...

5.6AI score0.00939EPSS
Exploits1References2
Rows per page
Query Builder