CVE-2014-2939CVE-2014-2939

Affected configuration(s):

cpe:/a:alfresco:alfresco:4.1.6::~~enterprise~~~

Date published: 2014-06-02T15:55:03.360-04:00

Date last modified: 2014-06-03T11:30:22.707-04:00

CVSS Score: 4.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://www.kb.cert.org/vuls/id/537684

Summary: Multiple cross-site scripting (XSS) vulnerabilities in Alfresco Enterprise before 4.1.6.13 allow remote attackers to inject arbitrary web script or HTML via (1) an XHTML document, (2) a <% tag, or (3) the taskId parameter to share/page/task-edit.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *