Cross-site scripting (XSS) vulnerability in components/filemanager/dialog.php in Codiad 2.4.3 allows remote attackers to inject arbitrary web script or HTML via the short_name parameter in a rename action. NOTE: this issue was originally incorrectly mapped to CVE-2014-1137; see CVE-2014-1137 for more information.
References
Link | Resource |
---|---|
http://www.exploit-db.com/exploits/35585 | Exploit |
Configurations
Information
Published : 2015-01-08 12:59
Updated : 2015-01-10 18:59
NVD link : CVE-2014-9582
Mitre link : CVE-2014-9582
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
codiad
- codiad