CVE-2014-5343 - OpenCVE

Cross-site scripting (XSS) vulnerability in Feng Office allows remote attackers to inject arbitrary web script or HTML via a client Name field.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Fengoffice	Feng Office

Configuration 1 [-]

OR	cpe:2.3:a:fengoffice:feng_office:1.6.2:::::::*
	cpe:2.3:a:fengoffice:feng_office:1.7:::::::*
	cpe:2.3:a:fengoffice:feng_office:1.7:beta::::::
	cpe:2.3:a:fengoffice:feng_office:1.7:beta2::::::
	cpe:2.3:a:fengoffice:feng_office:1.7:rc::::::
	cpe:2.3:a:fengoffice:feng_office:1.7:rc2::::::
	cpe:2.3:a:fengoffice:feng_office:1.7:rc3::::::
	cpe:2.3:a:fengoffice:feng_office:1.7.1:::::::*
	cpe:2.3:a:fengoffice:feng_office:1.7.2:::::::*
	cpe:2.3:a:fengoffice:feng_office:1.7.3.1:::::::*
	cpe:2.3:a:fengoffice:feng_office:1.7.4:::::::*
	cpe:2.3:a:fengoffice:feng_office:1.7.5:::::::*
	cpe:2.3:a:fengoffice:feng_office:1.7.5:beta::::::
	cpe:2.3:a:fengoffice:feng_office:1.7.5:rc2::::::
	cpe:2.3:a:fengoffice:feng_office:1.7.5:rc3::::::
	cpe:2.3:a:fengoffice:feng_office:2.0.0:::::::*
	cpe:2.3:a:fengoffice:feng_office:2.0.0:beta1::::::
	cpe:2.3:a:fengoffice:feng_office:2.0.0:beta2::::::
	cpe:2.3:a:fengoffice:feng_office:2.0.0:beta3::::::
	cpe:2.3:a:fengoffice:feng_office:2.0.0:beta4::::::
	cpe:2.3:a:fengoffice:feng_office:2.0.0:rc::::::
	cpe:2.3:a:fengoffice:feng_office:2.1.0:::::::*
	cpe:2.3:a:fengoffice:feng_office:2.1.0:beta::::::
	cpe:2.3:a:fengoffice:feng_office:2.1.0:rc::::::
	cpe:2.3:a:fengoffice:feng_office:2.1.0:rc2::::::
	cpe:2.3:a:fengoffice:feng_office:2.2.0:::::::*
	cpe:2.3:a:fengoffice:feng_office:2.2.0:beta::::::
	cpe:2.3:a:fengoffice:feng_office:2.2.0:rc::::::
	cpe:2.3:a:fengoffice:feng_office:2.2.1:::::::*
	cpe:2.3:a:fengoffice:feng_office:2.2.1:rc::::::
	cpe:2.3:a:fengoffice:feng_office:2.2.2:::::::*
	cpe:2.3:a:fengoffice:feng_office:2.2.3.1:::::::*
	cpe:2.3:a:fengoffice:feng_office:2.2.3.1:beta::::::
	cpe:2.3:a:fengoffice:feng_office:2.2.4:::::::*
	cpe:2.3:a:fengoffice:feng_office:2.2.4:beta::::::
	cpe:2.3:a:fengoffice:feng_office:2.2.4.1:::::::*
	cpe:2.3:a:fengoffice:feng_office:2.3:::::::*
	cpe:2.3:a:fengoffice:feng_office:2.3:beta::::::
	cpe:2.3:a:fengoffice:feng_office:2.3:rc::::::
	cpe:2.3:a:fengoffice:feng_office:2.3:rc2::::::
	cpe:2.3:a:fengoffice:feng_office:2.3.1:::::::*
	cpe:2.3:a:fengoffice:feng_office:2.3.1:beta::::::
	cpe:2.3:a:fengoffice:feng_office:2.3.1:rc::::::
	cpe:2.3:a:fengoffice:feng_office:2.3.1.1:::::::*
	cpe:2.3:a:fengoffice:feng_office:2.3.2:::::::*
	cpe:2.3:a:fengoffice:feng_office:2.3.2:beta::::::
	cpe:2.3:a:fengoffice:feng_office:2.3.2:rc::::::
	cpe:2.3:a:fengoffice:feng_office:2.3.2:rc2::::::
	cpe:2.3:a:fengoffice:feng_office:2.3.2.1:::::::*

No data.

References

Link	Providers
http://packetstormsecurity.com/files/127777/Feng-Office-Cross-Site-Scripting.html
http://www.securityfocus.com/bid/69080
https://exchange.xforce.ibmcloud.com/vulnerabilities/95173

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2014-08-19T18:00:00

Updated: 2024-08-06T11:41:48.638Z

Reserved: 2014-08-19T00:00:00

Link: CVE-2014-5343

Vulnrichment

No data.

NVD

Status : Modified

Published: 2014-08-19T18:55:03.343

Modified: 2017-09-08T01:29:05.713

Link: CVE-2014-5343

Redhat

No data.

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object