Vulnerability - CVE-2014-3876

›

›vulnerability›CVE-2014-3876

Name

CVE-2014-3876

Source

NVD ( link)Debian ( link)

Description

Multiple cross-site scripting (XSS) vulnerabilities in Frams' Fast File EXchange (F*EX, aka fex) before fex-20140530 allow remote attackers to inject arbitrary web script or HTML via the (1) akey parameter to rup or (2) disclaimer or (3) gm parameter to fuc.

CWEs

Published Date

Jun 18, 2014

Updated Date

Jun 17, 2026

Workaround

-

Advisories

http://fex.rus.uni-stuttgart.de/fex.htmlPatch

http://packetstormsecurity.com/files/126906/F-EX-20140313-1-HTTP-Response-Splitting-Cross-Site-Scripting.htmlExploit

https://www.lsexperts.de/advisories/lse-2014-05-22.txtExploit

http://fex.rus.uni-stuttgart.de/fex.htmlPatch

http://packetstormsecurity.com/files/126906/F-EX-20140313-1-HTTP-Response-Splitting-Cross-Site-Scripting.htmlExploit

https://www.lsexperts.de/advisories/lse-2014-05-22.txtExploit

Analysis#

Affected Component

Analysis

Vulnerability Rating#

4.3

CVSSv2