CVE-2014-4301
Multiple cross-site scripting (XSS) vulnerabilities in the respond_error function in routing.py in Eugene Pankov Ajenti before 1.2.21.7 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) resources.js or (2) resources.css in ajenti:static/, related to the traceback page.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0037 (0.4%)
Percentil: 58.6%
EPSS: 2026-05-06
Afecta
ajenti:ajentiDescripción técnica
Multiple cross-site scripting (XSS) vulnerabilities in the respond_error function in routing.py in Eugene Pankov Ajenti before 1.2.21.7 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) resources.js or (2) resources.css in ajenti:static/, related to the traceback page.
Publicada: 18/6/2014, 14:55:13
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://secunia.com/advisories/59177
- http://www.securityfocus.com/bid/68047
- https://github.com/Eugeny/ajenti/commit/d3fc5eb142ff16d55d158afb050af18d5ff09120
- https://www.netsparker.com/critical-xss-vulnerabilities-in-ajenti
- http://secunia.com/advisories/59177
- http://www.securityfocus.com/bid/68047
- https://github.com/Eugeny/ajenti/commit/d3fc5eb142ff16d55d158afb050af18d5ff09120
- https://www.netsparker.com/critical-xss-vulnerabilities-in-ajenti