mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
897 B
897 B
CVE-2014-2879
Description
Multiple cross-site scripting (XSS) vulnerabilities in Dell SonicWALL Email Security 7.4.5 and earlier allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the uploadPatch parameter to the System/Advanced page (settings_advanced.html) or (2) the uploadLicenses parameter in the License management (settings_upload_dlicense.html) page.
POC
Reference
- http://seclists.org/fulldisclosure/2014/Mar/409
- http://www.vulnerability-lab.com/get_content.php?id=1191
Github
No PoCs found on GitHub currently.