Commonspot Content Server Security Vulnerabilities and Issues — Commonspot Content Server CVE List

Lucene search

PaperthinCommonspot Content Server

4 matches found

CVE•added 2005/12/29 11:3 a.m.•42 views

CVE-2005-4574

Cross-site scripting (XSS) vulnerability in loader.cfm in PaperThin CommonSpot Content Server 4.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the bNewWindow parameter.

4.3CVSS6.7AI score0.03811EPSS

CVE•added 2010/02/02 5:30 p.m.•34 views

CVE-2010-0468

Cross-site scripting (XSS) vulnerability in utilities/longproc.cfm in PaperThin CommonSpot Content Server allows remote attackers to inject arbitrary web script or HTML via the url parameter.

4.3CVSS5.9AI score0.00189EPSS

CVE•added 2014/04/15 11:13 p.m.•34 views

CVE-2014-2861

Incomplete blacklist vulnerability in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted string, as demonstrated by bypassing a protection mechanism that removes only the "alert" string.

4.3CVSS5.8AI score0.00352EPSS

CVE•added 2014/04/15 11:13 p.m.•28 views

CVE-2014-2860

Multiple cross-site scripting (XSS) vulnerabilities in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allow remote attackers to inject arbitrary web script or HTML via a crafted HTTP request to a (1) ColdFusion or (2) JavaScript component.

4.3CVSS5.8AI score0.00199EPSS