Lucene search
+L

4 matches found

securityvulns
securityvulns
added 2014/05/04 12:0 a.m.81 views

[SECURITY] Stored Cross Site Scripting in Ektron CMS 8.7

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Stored Cross Site Scripting in Ektron CMS 8.7 CVE reference: CVE-2014-2729 Affected platforms: Ektron Web Content Management System Version: 8.7.0 Date: 2013-December-19 Security risk: Medium CVSS - AV:N/AC:L/Au:S/C:P/I:P/A:N Researcher: Joseph Zeng...

3.5CVSS0.00972EPSS
Exploits3
nvd
nvd
added 2014/04/25 2:15 p.m.20 views

CVE-2014-2729

Cross-site scripting XSS vulnerability in content.aspx in Ektron CMS 8.7 before 8.7.0.055 allows remote authenticated users to inject arbitrary web script or HTML via the category0 parameter, which is not properly handled when displaying the Subjects tab in the View Properties menu option...

3.5CVSS5.2AI score0.00972EPSS
Exploits3References3
cve
cve
added 2014/04/25 10:0 a.m.49 views

CVE-2014-2729

This CVE targets Ektron CMS 8.7 (before 8.7.0.055). A stored XSS flaw exists in the content.aspx page where the category0 parameter is not properly sanitized when displaying the Subjects tab in the View Properties menu. It affects authenticated remote users who can inject arbitrary script/HTML vi...

3.5CVSS5.3AI score0.00972EPSS
Exploits3References3Affected Software1
cvelist
cvelist
added 2014/04/25 10:0 a.m.27 views

CVE-2014-2729

Cross-site scripting XSS vulnerability in content.aspx in Ektron CMS 8.7 before 8.7.0.055 allows remote authenticated users to inject arbitrary web script or HTML via the category0 parameter, which is not properly handled when displaying the Subjects tab in the View Properties menu option...

5.2AI score0.00972EPSS
Exploits3References3
Rows per page
Query Builder