Rexx-systems : Security vulnerabilities, CVEs

CVE-2014-1224

Incomplete blacklist vulnerability in the user registration feature in rexx Recruitment R6.1 and R7 without "fixes from 2014-01-15" allows remote attackers to conduct cross-site scripting (XSS) attacks via the oninput event handler in the fname parameter to the default URI in /reg.

Max CVSS

4.3

EPSS Score

0.29%

Published

2014-10-06

Updated

2018-10-09

1 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!

Accept Close

Rexx-systems : Security Vulnerabilities, CVEs,

CVE-2014-1224