Cross-site scripting (XSS) vulnerability in content.aspx in Ektron CMS 8.7 before 8.7.0.055 allows remote authenticated users to inject arbitrary web script or HTML via the category0 parameter, which is not properly handled when displaying the Subjects tab in the View Properties menu option.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2014-04-25T10:00:00
Updated: 2024-08-06T10:21:36.061Z
Reserved: 2014-04-04T00:00:00
Link: CVE-2014-2729
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-04-25T14:15:30.517
Modified: 2024-11-21T02:06:50.737
Link: CVE-2014-2729
Redhat
No data.