Multiple Cross-Site Scripting Vulnerabilities in Chyrp Users Management
CVE-2014-7264

Currently unrated

Key Information:

Vendor

Chyrp

Status
Chyrp
Vendor
CVE Published:
11 December 2014

What is CVE-2014-7264?

Chyrp is susceptible to multiple cross-site scripting vulnerabilities in its Users Management feature, specifically in the admin component. These vulnerabilities allow remote authenticated users to inject arbitrary web scripts or HTML code via the user.email or user.website fields during user registration. This can lead to the execution of malicious scripts in the context of other users, potentially compromising the security of the application. It is crucial for administrators to update their Chyrp installations immediately to ensure protection against these threats.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://jvndb.jvn.jp/jvndb/JVNDB-2014-000149
third-party-advisoryx_refsource_JVNDB
http://chyrp.net/2014/11/18/chyrp-251-security-release/
x_refsource_CONFIRM
http://jvn.jp/en/jp/JVN13160869/index.html
third-party-advisoryx_refsource_JVN

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.