CVE-2014-5110
Cross-site scripting (XSS) vulnerability in user/help/html/index.php in Fonality trixbox allows remote attackers to inject arbitrary web script or HTML via the id_nodo parameter.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0030 (0.3%)
Percentil: 53.3%
EPSS: 2026-05-06
Afecta
netfortris:trixboxDescripción técnica
Cross-site scripting (XSS) vulnerability in user/help/html/index.php in Fonality trixbox allows remote attackers to inject arbitrary web script or HTML via the id_nodo parameter.
Publicada: 28/7/2014, 15:55:04
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://packetstormsecurity.com/files/127522/Trixbox-XSS-LFI-SQL-Injection-Code-Execution.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/94719
- http://packetstormsecurity.com/files/127522/Trixbox-XSS-LFI-SQL-Injection-Code-Execution.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/94719