MEDIUM🇵🇱 Wersja polska

CVE-2014-2843

CVSS 6.1v3.1pub. 2020-01-31upd. 2024-11-21

Cross-site scripting (XSS) vulnerability in infoware MapSuite MapAPI 1.0.x before 1.0.36 and 1.1.x before 1.1.49 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  • Infoware Mapsuite

    APP
    Infoware
    1.0 – 1.0.36 (bez)1.1.0 – 1.1.49 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XSS
CWE
References

Related vulnerabilities

CVE-2014-2232MEDIUM5.0ten sam produkt

Absolute path traversal vulnerability in the MapAPI in Infoware MapSuite before 1.0.36 and 1.1.x before 1.1.49...

CVE-2014-2233MEDIUM5.0ten sam produkt

Server-side request forgery (SSRF) vulnerability in the MapAPI in Infoware MapSuite before 1.0.36 and 1.1.x be...