Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-3247

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2014-3247
Last Modified 31 Jul 2015 09:38:14
Published 15 May 2014 10:55:07
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-3247

Summary

Cross-site scripting (XSS) vulnerability in Collabtive 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the desc parameter in an Add project (addpro) action to admin.php.

Vulnerable Systems

Application

  • O-dyn Collabtive 1.2


References

EXPLOIT-DB - 33250

BID - 67343


Last Updated: 27 May 2016 11:08:42