CVE-2014-9760

Опубликовано: 13 фев. 2017

Источник: ubuntu

Приоритет: low

CVSS2: 4.3

CVSS3: 6.1

Описание

Cross-site scripting (XSS) vulnerability in the displayLogin function in html/index.php in GOsa allows remote attackers to inject arbitrary web script or HTML via the username.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected	2.7.4+reloaded1-5
cosmic	not-affected	2.7.4+reloaded1-5
devel	not-affected	2.7.4+reloaded1-5
disco	not-affected	2.7.4+reloaded1-5
esm-apps/bionic	not-affected	2.7.4+reloaded1-5
esm-apps/xenial	not-affected	2.7.4+reloaded1-5
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was needs-triage]
precise	ignored	end of life
precise/esm	DNE	precise was needs-triage

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2014-9760

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2014-9760

CVSS3: 6.1

nvd

почти 9 лет назад

Cross-site scripting (XSS) vulnerability in the displayLogin function in html/index.php in GOsa allows remote attackers to inject arbitrary web script or HTML via the username.

CVE-2014-9760

CVSS3: 6.1

debian

почти 9 лет назад

Cross-site scripting (XSS) vulnerability in the displayLogin function ...

GHSA-6wxq-vf75-xrch

CVSS3: 6.1

github

больше 3 лет назад

Cross-site scripting (XSS) vulnerability in the displayLogin function in html/index.php in GOsa allows remote attackers to inject arbitrary web script or HTML via the username.

4.3 Medium

CVSS2

6.1 Medium

CVSS3

CVE-2014-9760

Описание

Пакет gosa

Ссылки на источники

Связанные уязвимости