CVE-2014-9582

Cross-site scripting (XSS) vulnerability in components/filemanager/dialog.php in Codiad 2.4.3 allows remote attackers to inject arbitrary web script or HTML via the short_name parameter in a rename action. NOTE: this issue was originally incorrectly mapped to CVE-2014-1137; see CVE-2014-1137 for more information.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:codiad:codiad:2.4.3:*:*:*:*:*:*:*

Information

Published : 2015-01-08 12:59

Updated : 2015-01-10 18:59


NVD link : CVE-2014-9582

Mitre link : CVE-2014-9582


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

codiad

  • codiad