CVE-2014-4743CVE-2014-4743

Affected configuration(s):

cpe:/a:kajona:kajona:3.1.0
cpe:/a:kajona:kajona:3.1.1
cpe:/a:kajona:kajona:3.2.0
cpe:/a:kajona:kajona:3.2.1
cpe:/a:kajona:kajona:3.3.0
cpe:/a:kajona:kajona:3.3.1
cpe:/a:kajona:kajona:3.4.0
cpe:/a:kajona:kajona:3.4.1
cpe:/a:kajona:kajona:3.4.2
cpe:/a:kajona:kajona:4.0
cpe:/a:kajona:kajona:4.1
cpe:/a:kajona:kajona:4.2
cpe:/a:kajona:kajona:4.3
cpe:/a:kajona:kajona:4.4

Date published: 2014-07-09T10:55:04.297-04:00

Date last modified: 2015-10-05T22:43:15.293-04:00

CVSS Score: 4.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://www.kajona.de/en/Development/Changelog/Changelog-V4-5/changelog_45.html

Summary: Multiple cross-site scripting (XSS) vulnerabilities in (1) search_ajax.tpl and (2) search_ajax_small.tpl in templates/default/tpl/module_search/ in the Search module (module_search) in Kajona before 4.5 allow remote attackers to inject arbitrary web script or HTML via the search parameter.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.