CVE-2014-125035

EPSS 0.48%
Veröffentlicht 02.01.2023 16:15:10
Zuletzt bearbeitet 21.11.2024 02:03:38
Quelle cna@vuldb.com
CVE-Watchlists
Login
Unerledigt
Login

A vulnerability classified as problematic was found in Jobs-Plugin. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. The identifier of the patch is b8a56718b1d42834c6ec51d9c489c5dc20471d7b. It is recommended to apply a patch to fix this issue. The identifier VDB-217189 was assigned to this vulnerability.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Jobs-plugin Project ≫ Jobs-plugin Version < 2014-12-01

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.48%	0.647

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.1	2.8	2.7	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cna@vuldb.com	3.5	2.1	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
cna@vuldb.com	4	8	2.9	AV:N/AC:L/Au:S/C:N/I:P/A:N

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

https://github.com/mrbobbybryant/Jobs-Plugin/commit/b8a56718b1d42834c6ec51d9c489c5dc20471d7b

Patch

Third Party Advisory

https://github.com/mrbobbybryant/Jobs-Plugin/pull/2

Patch

Third Party Advisory

https://vuldb.com/?ctiid.217189

Third Party Advisory

https://vuldb.com/?id.217189

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2014-125035

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-125035

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-125035

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2014-125035