CVE-2014-2235
Cross-site scripting (XSS) vulnerability in Askbot before 0.7.49 allows remote attackers to inject arbitrary web script or HTML via vectors related to the question search form.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0029 (0.3%)
Percentil: 52.7%
EPSS: 2026-05-06
Afecta
askbot:askbotDescripción técnica
Cross-site scripting (XSS) vulnerability in Askbot before 0.7.49 allows remote attackers to inject arbitrary web script or HTML via vectors related to the question search form.
Publicada: 5/3/2014, 16:37:40
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://secunia.com/advisories/57163
- http://www.openwall.com/lists/oss-security/2014/02/28/8
- http://www.securityfocus.com/bid/65885
- https://bugzilla.redhat.com/show_bug.cgi?id=1070852
- https://github.com/ASKBOT/askbot-devel/commit/876e3662ff6b78cc6241338c15e3a0cb49edf4e2
- http://secunia.com/advisories/57163
- http://www.openwall.com/lists/oss-security/2014/02/28/8
- http://www.securityfocus.com/bid/65885