Return to CVE list

CVE-2014-7852

4.3
Medium

CVE-2014-7852

secalert@redhat.com
Modified
View on MITREFind on GitHub

Description

Cross-site scripting (XSS) vulnerability in JBoss RichFaces, as used in JBoss Portal 6.1.1, allows remote attackers to inject arbitrary web script or HTML via crafted URL, which is not properly handled in a CSS file.

Exploits

No known exploits found for this CVE.

Search Exploit-DB

References

secalert@redhat.com
http://rhn.redhat.com/errata/RHSA-2014-1973.html
secalert@redhat.com
http://www.securitytracker.com/id/1031363
af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2014-1973.html
af854a3a-2127-422b-91ae-364da2661108
http://www.securitytracker.com/id/1031363