CVE-2014-9562CVE-2014-9562

Affected configuration(s):

cpe:/a:m2_technologies:optimalsite:0.1
cpe:/a:m2_technologies:optimalsite:2.4

Date published: 2015-02-04T13:59:09.510-05:00

Date last modified: 2015-02-05T11:08:44.040-05:00

CVSS Score: 4.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://seclists.org/fulldisclosure/2015/Feb/8

Summary: Cross-site scripting (XSS) vulnerability in display_dialog.php in M2 OptimalSite 0.1 and 2.4 allows remote attackers to inject arbitrary web script or HTML via the image parameter.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.