Description

Cross-site scripting (XSS) vulnerability in name.html in easyXDM before 2.4.19 allows remote attackers to inject arbitrary web script or HTML via the location.hash value.

Remediation

References

CVE-2014-1403

Related Vulnerabilities

Grafana Improper Authentication Vulnerability (CVE-2018-15727)

WordPress Plugin Mini Mail Dashboard Widget Cross-Site Scripting (1.42)

WordPress Plugin PHP Analytics Arbitrary File Upload (1.0.0.2)

Grafana Improper Input Validation Vulnerability (CVE-2022-39306)

IBM RTC Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-29844)

Severity

Medium

Classification

CVE-2014-1403 CWE-707

Tags

Missing Update Known Vulnerabilities