CVE-2014-2844

https://notcve.org/view.php?id=CVE-2014-2844

18 Apr 2014 — Cross-site scripting (XSS) vulnerability in F-Secure Messaging Secure Gateway 7.5.0 before Patch 1862 allows remote authenticated administrators to inject arbitrary web script or HTML via the new parameter in the SysUser module to admin. Vulnerabilidad de XSS en F-Secure Messaging Secure Gateway 7.5.0 anterior a Patch 1862 permite a administradores remotos autenticados inyectar script Web o HTML arbitrarios a través del parámetro nuevo en el módulo SysUser hacia admin. • http://seclists.org/fulldisclosure/2014/Apr/223 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •