Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2729


Vulnerability Score 3.5 3.5
CVE Id CVE-2014-2729
Last Modified 25 Apr 2014 01:51:50
Published 25 Apr 2014 10:15:30
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE



Cross-site scripting (XSS) vulnerability in content.aspx in Ektron CMS 8.7 before allows remote authenticated users to inject arbitrary web script or HTML via the category0 parameter, which is not properly handled when displaying the Subjects tab in the View Properties menu option.

Vulnerable Systems


  • Ektron Content Management System 8.7.0


BUGTRAQ - 20140416 [SECURITY] Stored Cross Site Scripting in Ektron CMS 8.7

BUGTRAQ - 20140416 [Security Advisory] Stored Cross Site Scripting in Ektron CMS 8.7


Last Updated: 27 May 2016 11:05:06