Vulnerability Details : CVE-2014-3994
Potential exploit
Cross-site scripting (XSS) vulnerability in util/templatetags/djblets_js.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django, as used in Review Board, allows remote attackers to inject arbitrary web script or HTML via a JSON object, as demonstrated by the name field when changing a user name.
Vulnerability category: Cross site scripting (XSS)
Products affected by CVE-2014-3994
- cpe:2.3:a:reviewboard:reviewboard:-:*:*:*:*:*:*:*
- cpe:2.3:a:reviewboard:djblets:*:*:*:*:*:*:*:*
- cpe:2.3:a:reviewboard:djblets:0.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:reviewboard:djblets:0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:reviewboard:djblets:0.7.28:*:*:*:*:*:*:*
- cpe:2.3:a:reviewboard:djblets:0.7.27:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-3994
- EPSS score: 1.25% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~85% (the proportion of vulnerabilities scored at or below this one)
CVSS scores for CVE-2014-3994
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N | 8.6 | 2.9 | NIST |
CWE ids for CVE-2014-3994
- The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-3994
- http://www.securityfocus.com/bid/67932 : Djblets 'json_dumps()' Function HTML Injection Vulnerability (Third Party Advisory; VDB Entry)
- https://code.google.com/p/reviewboard/issues/detail?id=3406 : Google Code Archive - Long-term storage for Google Code Project Hosting. (Not Applicable)
- http://seclists.org/oss-sec/2014/q2/494 : oss-sec: Requesting CVEs issued for two XSS vulnerabilities in Djblets (a set of Django helpers) (Third Party Advisory; VDB Entry)
- https://github.com/djblets/djblets/commit/50000d0bbb983fa8c097b588d06b64df8df483bd : Update the 0.7.30 release notes with the CVEs. · djblets/djblets@50000d0 · GitHub (Patch; Issue Tracking)
- https://github.com/djblets/djblets/commit/77a68c03cd619a0996f3f37337b8c39ca6643d6e : Fix a XSS vulnerability with bad input to json_dumps. · djblets/djblets@77a68c0 · GitHub (Exploit; Patch; Issue Tracking)
- https://github.com/djblets/djblets/commit/e2c79117efd925636acd871a5f473512602243cf : Update the 0.8.3 release notes with the CVEs. · djblets/djblets@e2c7911 · GitHub (Patch; Issue Tracking)
- http://seclists.org/oss-sec/2014/q2/498 : oss-sec: Re: Requesting CVEs issued for two XSS vulnerabilities in Djblets (a set of Django helpers) (Third Party Advisory; VDB Entry)