CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 1CVE-2014-2844
https://notcve.org/view.php?id=CVE-2014-2844
Cross-site scripting (XSS) vulnerability in F-Secure Messaging Secure Gateway 7.5.0 before Patch 1862 allows remote authenticated administrators to inject arbitrary web script or HTML via the new parameter in the SysUser module to admin. Vulnerabilidad de XSS en F-Secure Messaging Secure Gateway 7.5.0 anterior a Patch 1862 permite a administradores remotos autenticados inyectar script Web o HTML arbitrarios a través del parámetro nuevo en el módulo SysUser hacia admin. • http://seclists.org/fulldisclosure/2014/Apr/223 http://secunia.com/advisories/58038 http://www.f-secure.com/en/web/labs_global/fsc-2014-2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •