竹意

咬定青山不放松,立根原在破岩中。千磨万击还坚劲,任尔东西南北风

私信
归档
© 竹意 | Powered by LOFTER

IT 计算机&信息网络 技术:

CVE-2014-9557 SmartCMS Multiple XSS (Cross-Site Scripting) Security Vulnerability


 

Exploit Title: Smartwebsites SmartCMS v.2 Multiple XSS Security Vulnerabilities
Product: SmartCMS v.2
Vendor: Smartwebsites
Vulnerable Versions: v.2
Tested Version: v.2
Advisory Publication: Jan 22, 2015
Latest Update: Jan 22, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-9557
CVSS Severity (version 2.0):
CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)
Impact Subscore: 2.9
Exploitability Subscore: 8.6
Credit: Wang Jing [MAS, Nanyang Technological University (NTU), Singapore]


http://diebiyi.com/articles/%E5%AE%89%E5%85%A8/cves/cve-2014-9557-smartcms-multiple-xss-cross-site-scripting-security-vulnerability/


转载自:IT 计算机&信息网络 技术
2015-02-11 23
 
 
评论
热度(23)
 
回到顶部