What is CVE-2014-8917?

CVE-2014-8917 is a vulnerability in Ibm Financial_transaction_manager, classified under Cross-site Scripting. Published 2015-01-28.

Is CVE-2014-8917 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

XSS in Ibm Financial_transaction_manager

CVE-2014-8917

Multiple cross-site scripting (XSS) vulnerabilities in (1) dojox/form/resources/uploader.swf (aka upload.swf), (2) dojox/form/resources/fileuploader.swf (aka fileupload.swf), (3) dojox/av/resources/audio.swf, and (4) dojox/av/resources/vid…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.004 (64.0th percentile) — read the EPSS interpretation.

Affected products

Ibm Financial_transaction_manager — versions 2.0.0.0, 2.0.0.1, 2.0.0.2
Ibm Financial_transaction_manager_for_check_services — versions 2.1.1.8
Ibm Financial_transaction_manager_for_corporate_payment_services — versions 2.1.1.0
Ibm Social_media_analytics
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

Public proof-of-concept exploits

harry-sunhao/Enterprise-Domain-Q-A

References

62590 (x_refsource_SECUNIA, third-party-advisory)
ibm-dojo-cve20148917-xss(99303) (vdb-entry, x_refsource_XF)
62837 (x_refsource_SECUNIA, third-party-advisory)
psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
1032376 (vdb-entry, x_refsource_SECTRACK)
psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
72903 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2014-8917?: CVE-2014-8917 is a vulnerability in Ibm Financial_transaction_manager, classified under Cross-site Scripting. Published 2015-01-28.
Is CVE-2014-8917 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.