Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2014-1904

Опубликовано: 20 мар. 2014
Источник: debian
EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libspring-javafixed3.0.6.RELEASE-13package

Примечания

  • http://www.gopivotal.com/security/cve-2014-1904

EPSS

Процентиль: 84%
0.02196
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2014-1904

ubuntu
около 11 лет назад

Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action.

redhat логотип

CVE-2014-1904

redhat
больше 11 лет назад

Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action.

nvd логотип

CVE-2014-1904

nvd
около 11 лет назад

Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action.

github логотип

GHSA-ff7p-jqjm-v66h

github
около 3 лет назад

Improper Neutralization of Input During Web Page Generation in Spring Framework

EPSS

Процентиль: 84%
0.02196
Низкий