Cross-Site Scripting Vulnerability in FlatPress by FlatPress
CVE-2014-100036

Currently unrated

Key Information:

Vendor: Flatpress
Status: Flatpress
Vendor: CVE Published:; 13 January 2015

What is CVE-2014-100036?

The identified vulnerability in FlatPress 1.0.2 allows remote attackers to execute arbitrary web scripts or HTML through manipulation of the content parameter at the default URI, leading to potential website takeover, data exposure, and security breaches. Proper input validation and sanitization measures are essential to mitigate these risks.

References

https://www.netsparker.com/critical-xss-vulnerabilities-i...

x_refsource_MISC

http://secunia.com/advisories/57808

third-party-advisoryx_refsource_SECUNIA

https://github.com/evacchi/flatpress/issues/14

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 13, 2015
Vulnerability Reserved
Jan 13, 2015

Flatpress

What is CVE-2014-100036?

References

Timeline