CVE-2014-3014Cross-site Scripting in IBM Sametime

CWE-79Cross-site Scripting4 documents4 sources
Severity
3.5LOWNVD
EPSS
0.2%
top 59.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Sametime
Timeline
PublishedMay 26
Latest updateMay 17

Description

Cross-site scripting (XSS) vulnerability in the Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 6.8 | Impact: 2.9

Affected Packages1 packages

NVDibm/sametime12 versions+11

🔴Vulnerability Details

2
GHSA
GHSA-q274-pcq9-cp67: Cross-site scripting (XSS) vulnerability in the Meeting Server in IBM Sametime 82022-05-17
CVEList
CVE-2014-3014: Cross-site scripting (XSS) vulnerability in the Meeting Server in IBM Sametime 82014-05-26

💥Exploits & PoCs

1
Exploit-DB
TeamSpeak Client 3.0.14 - Buffer Overflow2014-10-02
CVE-2014-3014 — Cross-site Scripting in IBM Sametime | cvebase