CVE-2014-2236
Multiple cross-site scripting (XSS) vulnerabilities in Askbot before 0.7.49 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) tag or (2) user search forms.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0042 (0.4%)
Percentil: 62.0%
EPSS: 2026-05-06
Afecta
askbot:askbotDescripción técnica
Multiple cross-site scripting (XSS) vulnerabilities in Askbot before 0.7.49 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) tag or (2) user search forms.
Publicada: 5/3/2014, 16:37:40
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://secunia.com/advisories/57163
- http://www.openwall.com/lists/oss-security/2014/02/28/8
- http://www.securityfocus.com/bid/65885
- https://bugzilla.redhat.com/show_bug.cgi?id=1070852
- https://github.com/ASKBOT/askbot-devel/commit/876e3662ff6b78cc6241338c15e3a0cb49edf4e2#diff-b693b4c02739be4b3231bece15b0eb87
- https://github.com/ASKBOT/askbot-devel/commit/a676a86b6b7a5737d4da4f59f71e037406f88d29
- http://secunia.com/advisories/57163
- http://www.openwall.com/lists/oss-security/2014/02/28/8