Информационная безопасность
[RU] switch to English


CVECVE-2015-7370
СтатусCandidate
ОписаниеMultiple cross-site scripting (XSS) vulnerabilities in open-flash-chart.swf in Open Flash Chart 2, as used in the VideoAds plugin in Revive Adserver before 3.2.2, allow remote attackers to inject arbitrary web script or HTML via the (1) id or (2) data-file parameter.
Важность
Medium
CVSS score4,3
CVSS vector(AV:N/AC:M/Au:N/C:N/I:P/A:N)
PhaseAssigned (25.09.2015)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7370
ReferencesBUGTRAQ : 20151007 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities
 FULLDISC : 20151008 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities
 MISC : http://packetstormsecurity.com/files/133893/Revive...
 CONFIRM : http://www.revive-adserver.com/security/revive-sa-...
SecurityVulns:Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород