CVE-2014-3649
CVE-2014-3649 affects Red Hat/JBoss AeroGear and refers to a reflected XSS vulnerability in the password field. The root cause cited by CNVD is lack of proper validation of client-side data by the WEB application, enabling an attacker to execute client-side code in a victim’s browser. Public expl...