QwikSec

Security Database

CVE

CWE

Training

CVE-2014-8557

Published: Nov 13, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in JExperts Channel Platform 5.0.33_CCB allow remote attackers to inject arbitrary web script or HTML via the (1) usuario.nome variable in an editarUsuario action to usuario.do or (2) titulo.form variable in a novoChamado action to ticket.do.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20141106 CVE-2014-8557 - JExperts Tecnologia - Channel Software Cross Site Scripting Issues

mailing-list

x_refsource_FULLDISC

channelplatform-cve20148557-xss(98532)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_BID

http://packetstormsecurity.com/files/129009/JExperts-Tecnologia-Channel-Software-Cross-Site-Scripting.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.