 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2014-5391 |
| Description: | Cross-site scripting (XSS) vulnerability in the JobScheduler Operations Center (JOC) in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote attackers to inject arbitrary web script or HTML via the hash property (location.hash). |
| Test IDs: | None available |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2014-5391 BugTraq ID: 69660 http://www.securityfocus.com/bid/69660 Bugtraq: 20140907 CVE-2014-5391 DOM-based Cross-Site Scripting (XSS) in "JobScheduler" (Google Search) http://www.securityfocus.com/archive/1/533372/100/0/threaded http://packetstormsecurity.com/files/128180/JobScheduler-Cross-Site-Scripting.html http://www.christian-schneider.net/advisories/CVE-2014-5391.txt XForce ISS Database: jobscheduler-cve20145391-xss(95797) https://exchange.xforce.ibmcloud.com/vulnerabilities/95797 |