Multiple cross-site scripting (XSS) vulnerabilities in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allow remote attackers to inject arbitrary web script or HTML via a crafted HTTP request to a (1) ColdFusion or (2) JavaScript component.
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2014-04-15T23:00:00Z

Updated: 2024-09-16T20:43:10.888Z

Reserved: 2014-04-15T00:00:00Z

Link: CVE-2014-2860

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-04-15T23:13:17.320

Modified: 2024-11-21T02:07:04.860

Link: CVE-2014-2860

cve-icon Redhat

No data.