2 matches found
CVE-2014-4033
CVE-2014-4033 is an XSS vulnerability in Epignosis eFront 3.6.14.4, identified in libraries/includes/personal/profile.php. It can be triggered via the surname parameter to student.php to inject arbitrary web script/HTML. Red Hat and NVD entries reproduce the same description. Exploitation details...
CVE-2014-4033
Cross-site scripting XSS vulnerability in libraries/includes/personal/profile.php in Epignosis eFront 3.6.14.4 allows remote attackers to inject arbitrary web script or HTML via the surname parameter to student.php...