NVD

Id
36135  
Name
CVE-2014-9432  
Description
Multiple cross-site scripting (XSS) vulnerabilities in templates/2k11/admin/overview.inc.tpl in Serendipity before 2.0-rc2 allow remote attackers to inject arbitrary web script or HTML via a blog comment in the QUERY_STRING to serendipity/index.php.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2014-12-31  
Modified Date
2015-01-12  
Seq
2014-9432  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
184711 36135 CVE-2014-9432 http://blog.s9y.org/archives/259-Serendipity-2.0-rc2-released.html  View
184712 36135 CVE-2014-9432 http://packetstormsecurity.com/files/129709/CMS-Serendipity-2.0-rc1-Cross-Site-Scripting.html  View
184713 36135 CVE-2014-9432 20141223 Stored XSS Vulnerability in CMS Serendipity v.2.0-rc1  View
184714 36135 CVE-2014-9432 http://sroesemann.blogspot.de/2014/12/bericht-zu-sroeadv-2014-02.html  View
184715 36135 CVE-2014-9432 20141223 Stored XSS Vulnerability in CMS Serendipity v.2.0-rc1  View
184716 36135 CVE-2014-9432 serendipity-index-xss(99464)  View
184717 36135 CVE-2014-9432 https://github.com/s9y/Serendipity/commit/36cde3030aaa27a46bf94086e062dfe56b60230b  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
18590 JVNDB-2014-007465 Serendipity の templates/2k11/admin/overview.inc.tpl におけるクロスサイトスクリプティングの脆弱性 Serendipity の templates/2k11/admin/overview.inc.tpl には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2014-9432 76725 CVE-2014-9432 36135 4.3 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-007465.html 2014-12-23 2015-01-07 View