CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-3894

Cross-site scripting (XSS) vulnerability in PHP Kobo Multifunctional MailForm Free 2014/1/28 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 48.0%

CVSS Severity

CVSS v2 Score 4.3

References

http://jvn.jp/en/jp/JVN41028866/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000079
http://jvn.jp/en/jp/JVN41028866/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000079

Products affected by CVE-2014-3894

Php Kobo » Multifunctional Mailform Free » Version: Any

cpe:2.3:a:php_kobo:multifunctional_mailform_free:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-3894

Products

Pricing

Contact Us