2 matches found
CVE-2014-4853
Cross-site scripting XSS vulnerability in odm-init.php in OpenDocMan before 1.2.7.3 allows remote authenticated users to inject arbitrary web script or HTML via the file name of an uploaded file...
CVE-2014-4853
CVE-2014-4853 is a reported cross-site scripting (XSS) flaw in OpenDocMan’s odm-init.php prior to version 1.2.7.3. The vulnerability allows remote authenticated users to inject arbitrary web script or HTML by supplying a specially crafted file name during upload. Public sources from NVD and CVE l...