5 matches found
CVE-2014-5464
Cross-site scripting XSS vulnerability in the nDPI traffic classification library in ntopng aka ntop before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Host header...
CVE-2014-5464
Cross-site scripting XSS vulnerability in the nDPI traffic classification library in ntopng aka ntop before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Host header...
CVE-2014-5464
Cross-site scripting XSS vulnerability in the nDPI traffic classification library in ntopng aka ntop before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Host header...
CVE-2014-5464
CVE-2014-5464 describes an XSS vulnerability in the ntopng/ndpi stack where the HTTP Host header is not sanitized in the web frontend. The issue occurs in ntopng (aka ntop) before version 1.2.1, due to untrusted Host header data being injected into the UI, enabling remote attackers to inject arbi...
CVE-2014-5464
Cross-site scripting XSS vulnerability in the nDPI traffic classification library in ntopng aka ntop before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Host header...