← back
CVE-2014-9405

CVE-2014-9405

EPSS 1.5%
A Cross-Site Scripting (XSS) vulnerability exists in the description field of an Download RSS item or Contacts in Freebox OS Web interface 3.0.2, which allows malicious users to execute arbitrary code.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/132121/FreeBox-3.0.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.htmlhttp://seclists.org/fulldisclosure/2015/Jun/1http://www.securityfocus.com/archive/1/535660/100/0/threadedhttp://www.securityfocus.com/bid/74936