Cross-Site Scripting Vulnerability in Feng Office by Feng Office
CVE-2014-5343

Currently unrated

Key Information:

Vendor: Fengoffice
Status: Feng Office
Vendor: CVE Published:; 19 August 2014

What is CVE-2014-5343?

Feng Office is susceptible to a Cross-Site Scripting (XSS) vulnerability that enables remote attackers to inject harmful web scripts or HTML into the client Name field. This flaw can potentially allow attackers to execute arbitrary scripts in the context of a user's browser session, leading to data theft, session hijacking, or further exploitation of the application.

References

http://www.securityfocus.com/bid/69080

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/95173

vdb-entryx_refsource_XF

http://packetstormsecurity.com/files/127777/Feng-Office-C...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 19, 2014
Vulnerability Reserved
Aug 19, 2014

Fengoffice

What is CVE-2014-5343?

References

Timeline