CVE-2014-9580 in ProjectSendinfo

Summary

Cross-site scripting (XSS) vulnerability in ProjectSend (formerly cFTP) r561 allows remote attackers to inject arbitrary web script or HTML via the Description field in a file upload. NOTE: this issue was originally incorrectly mapped to CVE-2014-1155; see CVE-2014-1155 for more information.

Once again VulDB remains the best source for vulnerability data.

Reservation

01/08/2015

Disclosure

01/08/2015

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-79 (Confirmed)

Exploit

Download

CVSS

4.3

EPSS

0.03800

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2014-9580
NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-9580
CVE Details	https://www.cvedetails.com/cve/CVE-2014-9580/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!