Описание
Cross-site scripting (XSS) vulnerability in the JobScheduler Operations Center (JOC) in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote attackers to inject arbitrary web script or HTML via the hash property (location.hash).
Cross-site scripting (XSS) vulnerability in the JobScheduler Operations Center (JOC) in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote attackers to inject arbitrary web script or HTML via the hash property (location.hash).
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-5391
- https://change.sos-berlin.com/browse/JS-1203
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95797
- http://packetstormsecurity.com/files/128180/JobScheduler-Cross-Site-Scripting.html
- http://www.christian-schneider.net/advisories/CVE-2014-5391.txt
- http://www.securityfocus.com/archive/1/533372/100/0/threaded
- http://www.securityfocus.com/bid/69660
- http://www.sos-berlin.com/modules/news/article.php?storyid=73
- http://www.sos-berlin.com/modules/news/article.php?storyid=74
Связанные уязвимости
nvd
больше 11 лет назад
Cross-site scripting (XSS) vulnerability in the JobScheduler Operations Center (JOC) in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote attackers to inject arbitrary web script or HTML via the hash property (location.hash).