Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0149

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2014-0149
Last Modified 06 May 2014 03:07:45
Published 05 May 2014 01:06:05
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-0149

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat JBoss Web Framework Kit 2.5.0 allow remote attackers to inject arbitrary web script or HTML via a (1) parameter or (2) id name.

Vulnerable Systems

Application

  • Redhat Jboss Web Framework Kit 2.5.0


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=1078646

REDHAT - RHSA-2014:0462


Last Updated: 27 May 2016 11:05:10