Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2014-8732

From: cert () it nrw de
Date: Wed, 12 Nov 2014 09:27:11 GMT
CVE-2014-8732
CVSSv2 Vector:
[AV:N/AC:L/Au:N/C:P/I:P/A:P/E:H/RL:U/RC:C]
CVSSv2 Base Score=7.5
CVSSv2 Temp Score=7.5
OWASP Top 10 classification: A3 - Cross Site Scripting

There is a stored xss vulnerability in phpMemcachedAdmin. Most of the user-specified input fields which are displayed 
on several pages of the application aren't properly escaped (lack of output enconding).

All versions prior and including the current version 1.2.2 are affected as far as we know.
Previous By Date Next
Previous By Thread Next

Current thread: