XSS in Efssoft Easy_file_sharing_web_server
CVE-2014-5178
Multiple cross-site scripting (XSS) vulnerabilities in Easy File Sharing (EFS) Web Server 6.8 allow remote authenticated users to inject arbitrary web script or HTML via the content parameter when (1) creating a topic or (2) posting an ans…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.003 (49.2th percentile) — read the EPSS interpretation.
Affected products
- Efssoft Easy_file_sharing_web_server — versions 6.8
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (Exploit, x_refsource_MISC)
- 60524 (x_refsource_SECUNIA, third-party-advisory)
- easyfilesharing-webserver-xss(94887) (vdb-entry, x_refsource_XF)
- 20140725 Easy file sharing web server - persist XSS in forum msgs (mailing-list, x_refsource_BUGTRAQ)