Lucene search
Veracode Vulnerability DatabaseVERACODE:46738HistoryMay 03, 2024 - 8:26 a.m.
Cross Site Scripting (XSS)
2024-05-0308:26:29
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
ajenti
cron
cross site scripting
xss
input validation
html
vulnerability
remote users
software
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
6.5
Confidence
High
EPSS
0.001
Percentile
48.7%
ajenti is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to inadequate input validation in the command field of the Cron functionality, allowing remote authenticated users to inject arbitrary web script or HTML.
References
Related
nvd
nvd
CVE-2014-2260
2014-04-30 23:58:26
prion
prion
Cross site scripting
2014-04-30 23:58:00
cvelist
cvelist
CVE-2014-2260
2014-04-30 22:00:00
osv
osv
PYSEC-2014-98
2014-04-30 23:58:00
cve
cve
CVE-2014-2260
2014-04-30 23:58:26
github
github
Ajenti Cross-site scripting (XSS) vulnerability
2022-05-17 04:45:18
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
6.5
Confidence
High
EPSS
0.001
Percentile
48.7%
Related for VERACODE:46738