Vulnerability CVE-2014-5464

Vulnerability CVE-2014-5464

Published: 2014-09-08

Description:

	Topic	Author	Date
Low	ntopng 1.2.0 Cross Site Scripting	Steffen Bauch	26.08.2014

Type:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.3/10	2.9/10	8.6/10

Affected software
NTOP -> Ntopng

http://packetstormsecurity.com/files/127995/ntopng-1.2.0-Cross-Site-Scripting.html

http://seclists.org/fulldisclosure/2014/Aug/65

http://seclists.org/fulldisclosure/2014/Sep/22

http://seclists.org/fulldisclosure/2014/Sep/28

http://www.exploit-db.com/exploits/34419

http://www.ntop.org/ndpi/released-ndpi-1-5-1-and-ntopng-1-2-1/

http://www.securityfocus.com/archive/1/533222/100/0/threaded

http://www.securityfocus.com/archive/1/533332/100/0/threaded

http://www.securityfocus.com/bid/69385

https://exchange.xforce.ibmcloud.com/vulnerabilities/95461