3 matches found
[SECURITY] Stored Cross Site Scripting in Ektron CMS 8.7
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Stored Cross Site Scripting in Ektron CMS 8.7 CVE reference: CVE-2014-2729 Affected platforms: Ektron Web Content Management System Version: 8.7.0 Date: 2013-December-19 Security risk: Medium CVSS - AV:N/AC:L/Au:S/C:P/I:P/A:N Researcher: Joseph Zeng...
CVE-2014-2729
This CVE targets Ektron CMS 8.7 (before 8.7.0.055). A stored XSS flaw exists in the content.aspx page where the category0 parameter is not properly sanitized when displaying the Subjects tab in the View Properties menu. It affects authenticated remote users who can inject arbitrary script/HTML vi...
Ektron CMS 8.7 Cross Site Scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Stored Cross Site Scripting in Ektron CMS 8.7 CVE reference: CVE-2014-2729 Affected platforms: Ektron Web Content Management System Version: 8.7.0 Date: 2013-December-19 Security risk: Medium CVSS - AV:N/AC:L/Au:S/C:P/I:P/A:N Researcher: Joseph Zeng...