CVE-2014-2860
CVE-2014-2860 affects PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3. The vulnerability is a cross-site scripting (XSS) flaw that can be triggered via a crafted HTTP request to either a ColdFusion or JavaScript component, allowing remote attackers to inject arbitrary web script or HTM...