cve/2014/CVE-2014-9580.md

CVE-2014-9580

Description

Cross-site scripting (XSS) vulnerability in ProjectSend (formerly cFTP) r561 allows remote attackers to inject arbitrary web script or HTML via the Description field in a file upload. NOTE: this issue was originally incorrectly mapped to CVE-2014-1155; see CVE-2014-1155 for more information.

POC

Reference

• http://packetstormsecurity.com/files/129666

Github

No PoCs found on GitHub currently.