CVE-2014-3988
CVE-2014-3988 is an XSS vulnerability in SunHater KCFinder 3.11 and earlier, exploitable via the file or directory name of an uploaded file in index.php. The published description states that remote attackers can inject arbitrary web script or HTML. Affected software/versions are explicitly SunHa...