Back to search
CVE-2014-2879
Published: Apr 17, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in Dell SonicWALL Email Security 7.4.5 and earlier allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the uploadPatch parameter to the System/Advanced page (settings_advanced.html) or (2) the uploadLicenses parameter in the License management (settings_upload_dlicense.html) page.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1029965
vdb-entry
x_refsource_SECTRACK
http://www.vulnerability-lab.com/get_content.php?id=1191
x_refsource_MISC
20140327 Dell SonicWall EMail Security Appliance Application v7.4.5 - Multiple Vulnerabilities
mailing-list
x_refsource_BUGTRAQ
66501
vdb-entry
x_refsource_BID
20140328 Dell SonicWall EMail Security 7.4.5 - Multiple Vulnerabilities (Bulletin)
mailing-list
x_refsource_FULLDISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now