Cross-site Scripting Vulnerability in ntopng by ntop
CVE-2014-4329

Currently unrated

Key Information:

Vendor: Ntop
Status: Ntopng
Vendor: CVE Published:; 19 June 2014

What is CVE-2014-4329?

The Cross-site Scripting (XSS) vulnerability in ntopng 1.1 allows remote attackers to exploit the system by injecting arbitrary web scripts or HTML code via the 'host' parameter. This could lead to unauthorized data access and manipulation. Users of ntopng should apply available patches and updates to protect against such attacks.

References

https://svn.ntop.org/bugzilla/show_bug.cgi?id=379

x_refsource_MISC

http://www.ntop.org/ndpi/released-ndpi-1-5-1-and-ntopng-1...

x_refsource_CONFIRM

http://packetstormsecurity.com/files/127329/Ntop-NG-1.1-C...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 19, 2014
Vulnerability Reserved
Jun 18, 2014

CVE-2014-4329 Data

JSON