CVE-2014-4722

Опубликовано: 07 июл. 2014

Источник: debian

Описание

Multiple cross-site scripting (XSS) vulnerabilities in the OCS Reports Web Interface in OCS Inventory NG allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
ocsinventory-server	unfixed			package

Примечания

Authentication is needed, only supported in trusted environments, see debtags
Fixed upstream in 2.12.3
https://github.com/OCSInventory-NG/OCSInventory-ocsreports/issues/1619

Связанные уязвимости

CVE-2014-4722

ubuntu

больше 11 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the OCS Reports Web Interface in OCS Inventory NG allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2014-4722

nvd

больше 11 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the OCS Reports Web Interface in OCS Inventory NG allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

GHSA-qv29-vvm4-3pc6

github

больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the OCS Reports Web Interface in OCS Inventory NG allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.