XSS in Algosec Fireflow

CVE-2014-4164

Cross-site scripting (XSS) vulnerability in AlgoSec FireFlow 6.3-b230 allows remote attackers to inject arbitrary web script or HTML via a user signature to SelfService/Prefs.html.

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.010 (58.1th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References