NA
CVSSv3

CVE-2014-0232

CVSSv4: NA | CVSSv3: NA | CVSSv2: 4.3 | VMScore: 530 | EPSS: 0.00581 | KEV: Not Included
Published: 22/08/2014 Updated: 21/11/2024

Vulnerability Summary

Multiple cross-site scripting (XSS) vulnerabilities in framework/common/webcommon/includes/messages.ftl in Apache OFBiz 11.04.01 prior to 11.04.05 and 12.04.01 prior to 12.04.04 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in a (1) result or (2) error message.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apache ofbiz 12.04.01

apache ofbiz 12.04.02

apache ofbiz 12.04.03

apache ofbiz 11.04.01

apache ofbiz 11.04.02

apache ofbiz 11.04.03

apache ofbiz 11.04.04