CVE-2014-5391

Published: Sep 11, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in the JobScheduler Operations Center (JOC) in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote attackers to inject arbitrary web script or HTML via the hash property (location.hash).

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

69660

vdb-entry

x_refsource_BID

http://packetstormsecurity.com/files/128180/JobScheduler-Cross-Site-Scripting.html

x_refsource_MISC

http://www.sos-berlin.com/modules/news/article.php?storyid=73

x_refsource_CONFIRM

http://www.sos-berlin.com/modules/news/article.php?storyid=74

x_refsource_CONFIRM

20140907 CVE-2014-5391 DOM-based Cross-Site Scripting (XSS) in "JobScheduler"

mailing-list

x_refsource_BUGTRAQ

https://change.sos-berlin.com/browse/JS-1203

x_refsource_CONFIRM

jobscheduler-cve20145391-xss(95797)

vdb-entry

x_refsource_XF

http://www.christian-schneider.net/advisories/CVE-2014-5391.txt

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-5391

Description

Affected Products

References