cvelist/2014/5xxx/CVE-2014-5391.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "cve@mitre.org",
      "ID" : "CVE-2014-5391",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "n/a",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "n/a"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "n/a"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "Cross-site scripting (XSS) vulnerability in the JobScheduler Operations Center (JOC) in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote attackers to inject arbitrary web script or HTML via the hash property (location.hash)."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "n/a"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "20140907 CVE-2014-5391 DOM-based Cross-Site Scripting (XSS) in \"JobScheduler\"",
            "refsource" : "BUGTRAQ",
            "url" : "http://www.securityfocus.com/archive/1/533372/100/0/threaded"
         },
         {
            "name" : "http://packetstormsecurity.com/files/128180/JobScheduler-Cross-Site-Scripting.html",
            "refsource" : "MISC",
            "url" : "http://packetstormsecurity.com/files/128180/JobScheduler-Cross-Site-Scripting.html"
         },
         {
            "name" : "http://www.christian-schneider.net/advisories/CVE-2014-5391.txt",
            "refsource" : "MISC",
            "url" : "http://www.christian-schneider.net/advisories/CVE-2014-5391.txt"
         },
         {
            "name" : "http://www.sos-berlin.com/modules/news/article.php?storyid=73",
            "refsource" : "CONFIRM",
            "url" : "http://www.sos-berlin.com/modules/news/article.php?storyid=73"
         },
         {
            "name" : "http://www.sos-berlin.com/modules/news/article.php?storyid=74",
            "refsource" : "CONFIRM",
            "url" : "http://www.sos-berlin.com/modules/news/article.php?storyid=74"
         },
         {
            "name" : "https://change.sos-berlin.com/browse/JS-1203",
            "refsource" : "CONFIRM",
            "url" : "https://change.sos-berlin.com/browse/JS-1203"
         },
         {
            "name" : "69660",
            "refsource" : "BID",
            "url" : "http://www.securityfocus.com/bid/69660"
         },
         {
            "name" : "jobscheduler-cve20145391-xss(95797)",
            "refsource" : "XF",
            "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95797"
         }
      ]
   }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
			`"CVE_data_meta" : {`
			`"ASSIGNER" : "cve@mitre.org",`
			`"ID" : "CVE-2014-5391",`
			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "n/a",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_value" : "n/a"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name" : "n/a"`
			`}`
			`]`
			`}`
			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "Cross-site scripting (XSS) vulnerability in the JobScheduler Operations Center (JOC) in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote attackers to inject arbitrary web script or HTML via the hash property (location.hash)."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "n/a"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "20140907 CVE-2014-5391 DOM-based Cross-Site Scripting (XSS) in \"JobScheduler\"",`
			`"refsource" : "BUGTRAQ",`
- Synchronized data. 2018-10-09 15:05:48 -04:00			`"url" : "http://www.securityfocus.com/archive/1/533372/100/0/threaded"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://packetstormsecurity.com/files/128180/JobScheduler-Cross-Site-Scripting.html",`
			`"refsource" : "MISC",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://packetstormsecurity.com/files/128180/JobScheduler-Cross-Site-Scripting.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://www.christian-schneider.net/advisories/CVE-2014-5391.txt",`
			`"refsource" : "MISC",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.christian-schneider.net/advisories/CVE-2014-5391.txt"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://www.sos-berlin.com/modules/news/article.php?storyid=73",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.sos-berlin.com/modules/news/article.php?storyid=73"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://www.sos-berlin.com/modules/news/article.php?storyid=74",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.sos-berlin.com/modules/news/article.php?storyid=74"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://change.sos-berlin.com/browse/JS-1203",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://change.sos-berlin.com/browse/JS-1203"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "69660",`
			`"refsource" : "BID",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.securityfocus.com/bid/69660"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "jobscheduler-cve20145391-xss(95797)",`
			`"refsource" : "XF",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95797"`
			`}`
			`]`
			`}`
			`}`