XSS in Fengoffice Feng_office
CVE-2014-5343
Cross-site scripting (XSS) vulnerability in Feng Office allows remote attackers to inject arbitrary web script or HTML via a client Name field.
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.019 (77.3th percentile) — read the EPSS interpretation.
Affected products
- Fengoffice Feng_office — versions 1.6.2, 1.7, 1.7.1
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_MISC)