Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: certcc
Published: 2014-05-08T10:00:00
Updated: 2024-08-06T09:13:10.257Z
Reserved: 2013-12-05T00:00:00
Link: CVE-2014-0362
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2014-05-08T10:55:03.107
Modified: 2019-07-18T12:27:48.130
Link: CVE-2014-0362
Redhat
No data.