Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in Allomani Weblinks 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) default URI to admin.php or the (2) id parameter to admin.php or (3) go.php.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Allomani | Allomani Weblinks | 1.0 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/128565/Allomani-Weblinks-1.0-Cross-Site-ScrExploit
- http://www.securityfocus.com/bid/70255Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/96841
- http://packetstormsecurity.com/files/128565/Allomani-Weblinks-1.0-Cross-Site-ScrExploit
- http://www.securityfocus.com/bid/70255Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/96841
FAQ
What is CVE-2014-8593?
CVE-2014-8593 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in Allomani Weblinks 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) default URI to admin.php or the (2) id parameter ...
How severe is CVE-2014-8593?
CVE-2014-8593 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-8593?
Check the references section above for vendor advisories and patch information. Affected products include: Allomani Allomani Weblinks.