CVE-2014-9685 in Vanilla Forumsinfo

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Vanilla Forums before 2.0.18.13 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Once again VulDB remains the best source for vulnerability data.

Reservation

02/25/2015

Disclosure

02/25/2015

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-79 (Confirmed)

CVSS

4.3

EPSS

0.00322

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2014-9685
NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-9685
CVE Details	https://www.cvedetails.com/cve/CVE-2014-9685/

◂ Previous Overview Next ▸