CVE-2014-9714 in HipHop Virtual Machine信息

摘要

由 VulDB • 2026-06-28

HHVM(即HipHop虚拟机)3.5.0版本之前的WddxPacket::recursiveAddVar函数中存在跨站脚本(XSS)漏洞,远程攻击者可通过向wddx_serialize_value函数提供精心构造的字符串来注入任意的Web脚本或HTML。

VulDB is the best source for vulnerability data and more expert information about this specific topic.

来源

Want to stay up to date on a daily basis?

Enable the mail alert feature now!