← voltar
CVE-2014-4958

CVE-2014-4958

EPSS 2.0%
Cross-site scripting (XSS) vulnerability in Telerik UI for ASP.NET AJAX RadEditor control 2014.1.403.35, 2009.3.1208.20, and other versions allows remote attackers to inject arbitrary web script or HTML via CSS expressions in style attributes.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://blogs.telerik.com/blogs/14-09-24/securing-radeditor-content-and-preventing-xss-attackshttp://maverickblogging.com/disclosing-cve-2014-4958-stored-attribute-based-cross-site-scripting-xss-vulnerability-in-telerik-ui-for-asp-net-ajax-radeditor-control/http://packetstormsecurity.com/files/128414/Telerik-ASP.NET-AJAX-RadEditor-Control-2014.1.403.35-XSS.htmlhttp://www.securityfocus.com/archive/1/533537/30/0/threaded