CVE-2014-8944: XSS
First published: Mon Jun 01 2020(Updated: )
Lexiglot through 2014-11-20 allows XSS (Reflected) via the username, or XSS (Stored) via the admin.php?page=config install_name, intro_message, or new_file_content parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Piwigo Lexiglot | <=2014-11-20 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2014-8944.
What is the severity of CVE-2014-8944 vulnerability?
The severity of CVE-2014-8944 vulnerability is medium with a score of 5.4.
What software is affected by CVE-2014-8944 vulnerability?
The Piwigo Lexiglot software up to version 2014-11-20 is affected by CVE-2014-8944 vulnerability.
How does CVE-2014-8944 vulnerability manifest?
CVE-2014-8944 vulnerability manifests as XSS (Reflected) through the username or XSS (Stored) through the admin.php?page=config install_name, intro_message, or new_file_content parameter.
Is there a fix available for CVE-2014-8944 vulnerability?
Yes, the fix for CVE-2014-8944 vulnerability is to upgrade to a version of Piwigo Lexiglot later than 2014-11-20.
- collector/nvd-index
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/piwigo
- canonical/piwigo lexiglot
- version/piwigo lexiglot/2014-11-20