Medium severity6.1NVD Advisory· Published Nov 22, 2019· Updated Jun 17, 2026
CVE-2014-2214
CVE-2014-2214
Description
Multiple cross-site scripting (XSS) vulnerabilities in POSH (aka Posh portal or Portaneo) 3.0 through 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) error parameter to /includes/plugins/mobile/scripts/login.php or (2) id parameter to portal/openrssarticle.php
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- POSH/POSHdescription
- Range: 3.0 - 3.2.1
Patches
Vulnerability mechanics
References
2- sysdream.com/news/lab/posh-3-2-1-multiple-vulnerabilities/nvdExploitThird Party Advisory
- seclists.org/oss-sec/2014/q1/444nvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.