A Cross-Site Scripting (XSS) vulnerability exists in the description field of an Download RSS item or Contacts in Freebox OS Web interface 3.0.2, which allows malicious users to execute arbitrary code.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/132121/FreeBox-3.0.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html | Exploit Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2015/Jun/1 | Exploit Mailing List Third Party Advisory |
http://www.securityfocus.com/archive/1/535660/100/0/threaded | Exploit Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/74936 | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-01-06T21:16:38
Updated: 2020-01-06T21:16:38
Reserved: 2014-12-17T00:00:00
Link: CVE-2014-9405
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-01-06T22:15:10.937
Modified: 2020-01-13T19:11:40.310
Link: CVE-2014-9405
JSON object: View
Redhat Information
No data.
CWE