← voltar
CVE-2014-6027

CVE-2014-6027

EPSS 1.2%
Multiple cross-site scripting (XSS) vulnerabilities in TorrentFlux 2.4 allow (1) remote attackers to inject arbitrary web script or HTML by leveraging failure to encode file contents when downloading a torrent file or (2) remote authenticated users to inject arbitrary web script or HTML via vectors involving a link to torrent details.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759574http://www.openwall.com/lists/oss-security/2014/09/02/3http://www.securitytracker.com/id/1030791