3 matches found
CVE-2014-3739
Open redirect vulnerability in zport/aclusers/cookieAuthHelper/loginform in Zenoss 4.2.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the camefrom parameter...
CVE-2014-3738
Cross-site scripting XSS vulnerability in Zenoss 4.2.5 allows remote attackers to inject arbitrary web script or HTML via the title of a device...
CVE-2014-3738
Cross-site scripting XSS vulnerability in Zenoss 4.2.5 allows remote attackers to inject arbitrary web script or HTML via the title of a device...