Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-9562

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2014-9562
Last Modified 05 Feb 2015 11:08:44
Published 04 Feb 2015 01:59:09
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-9562

Summary

Cross-site scripting (XSS) vulnerability in display_dialog.php in M2 OptimalSite 0.1 and 2.4 allows remote attackers to inject arbitrary web script or HTML via the image parameter.

Vulnerable Systems

Application

  • M2 Technologies Optimalsite 0.1

  • M2 Technologies Optimalsite 2.4


References

MISC - http://tetraph.com/security/cves/cve-2014-9562-optimalsite-content-management-system-cms-xss-cross-site-scripting-security-vulnerabilities/

FULLDISC - 20150202 CVE-2014-9562 OptimalSite Content Management System (CMS) XSS (Cross-Site Scripting) Security Vulnerabilities


Last Updated: 27 May 2016 11:07:42