Cross-Site Scripting Vulnerability in Telerik UI for ASP.NET AJAX RadEditor
CVE-2014-4958

Currently unrated

Key Information:

Vendor

Telerik

Status
Asp.net Ajax Radeditor Control
Vendor
CVE Published:
26 September 2014

What is CVE-2014-4958?

The vulnerability allows remote attackers to inject arbitrary web script or HTML into Telerik UI for ASP.NET AJAX RadEditor via CSS expressions in style attributes. This can lead to unauthorized actions performed on behalf of other users, exposing sensitive data and compromising application security. Developers should implement proper input validation and output encoding to mitigate potential risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://packetstormsecurity.com/files/128414/Telerik-ASP.N...
x_refsource_MISC
http://www.securityfocus.com/archive/1/533537/30/0/threaded
mailing-listx_refsource_BUGTRAQ
http://maverickblogging.com/disclosing-cve-2014-4958-stor...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.