CVE-2014-7850 | SynScan

Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2014-7850

Cross-site scripting (XSS) vulnerability in the Web UI in FreeIPA 4.x before 4.1.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to breadcrumb navigation.

Published: Nov 28, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-7850
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
freeipa / freeipa	4.0.5	4.0.5.x
freeipa / freeipa	4.1.1	4.1.1.x
freeipa / freeipa	4.0.2	4.0.2.x
freeipa / freeipa	4.0.0	4.0.0.x
freeipa / freeipa	4.0.3	4.0.3.x
freeipa / freeipa	4.1.0	4.1.0.x
freeipa / freeipa	4.0.1	4.0.1.x
freeipa / freeipa	4.0.4	4.0.4.x