← back
CVE-2014-6027

CVE-2014-6027

EPSS 1.2%
Multiple cross-site scripting (XSS) vulnerabilities in TorrentFlux 2.4 allow (1) remote attackers to inject arbitrary web script or HTML by leveraging failure to encode file contents when downloading a torrent file or (2) remote authenticated users to inject arbitrary web script or HTML via vectors involving a link to torrent details.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759574http://www.openwall.com/lists/oss-security/2014/09/02/3http://www.securitytracker.com/id/1030791