mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-09 16:04:06 +00:00
77 lines
2.6 KiB
JSON
77 lines
2.6 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2014-8352",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Cross-site scripting (XSS) vulnerability in json.php in French National Commission on Informatics and Liberty (aka CNIL) CookieViz allows remote we servers to inject arbitrary web script or HTML via the max_date parameter."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "https://github.com/LaboCNIL/CookieViz/commit/489b6050f6c53fe7b24c4bed3eeb9c25543960e2",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://github.com/LaboCNIL/CookieViz/commit/489b6050f6c53fe7b24c4bed3eeb9c25543960e2"
|
|
},
|
|
{
|
|
"name": "20141103 CNIL CookieViz XSS + SQL injection leading to user pwnage",
|
|
"refsource": "FULLDISC",
|
|
"url": "http://seclists.org/fulldisclosure/2014/Nov/3"
|
|
},
|
|
{
|
|
"name": "http://packetstormsecurity.com/files/128960/CNIL-CookieViz-Cross-Site-Scripting-SQL-Injection.html",
|
|
"refsource": "MISC",
|
|
"url": "http://packetstormsecurity.com/files/128960/CNIL-CookieViz-Cross-Site-Scripting-SQL-Injection.html"
|
|
},
|
|
{
|
|
"name": "cookieviz-cve20148352-xss(98452)",
|
|
"refsource": "XF",
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98452"
|
|
}
|
|
]
|
|
}
|
|
} |