Back to search
CVE-2014-9434
Published: Jan 2, 2015
Modified: Sep 17, 2024
PUBLISHED
Description
Cross-site scripting (XSS) vulnerability in admin/managerrelated.php in the administrative backend in Absolut Engine 1.73 allows remote authenticated users to inject arbitrary web script or HTML via the title parameter.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://sroesemann.blogspot.de/2014/12/sroeadv-2014-08.html
x_refsource_MISC
20141230 Multiple SQL Injections and Reflecting XSS in Absolut Engine v. 1.73 CMS
mailing-list
x_refsource_FULLDISC
71822
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now