Unrated severityNVD Advisory· Published Mar 5, 2014· Updated May 6, 2026
CVE-2014-2236
CVE-2014-2236
Description
Multiple cross-site scripting (XSS) vulnerabilities in Askbot before 0.7.49 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) tag or (2) user search forms.
Affected products
9cpe:2.3:a:askbot:askbot:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:askbot:askbot:*:*:*:*:*:*:*:*range: <=0.7.48
- cpe:2.3:a:askbot:askbot:0.7.40:*:*:*:*:*:*:*
- cpe:2.3:a:askbot:askbot:0.7.41:*:*:*:*:*:*:*
- cpe:2.3:a:askbot:askbot:0.7.42:*:*:*:*:*:*:*
- cpe:2.3:a:askbot:askbot:0.7.43:*:*:*:*:*:*:*
- cpe:2.3:a:askbot:askbot:0.7.44:*:*:*:*:*:*:*
- cpe:2.3:a:askbot:askbot:0.7.45:*:*:*:*:*:*:*
- cpe:2.3:a:askbot:askbot:0.7.46:*:*:*:*:*:*:*
- cpe:2.3:a:askbot:askbot:0.7.47:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- github.com/ASKBOT/askbot-devel/commit/876e3662ff6b78cc6241338c15e3a0cb49edf4e2nvdExploitPatch
- github.com/ASKBOT/askbot-devel/commit/a676a86b6b7a5737d4da4f59f71e037406f88d29nvdExploitPatch
- secunia.com/advisories/57163nvdVendor Advisory
- www.openwall.com/lists/oss-security/2014/02/28/8nvd
- www.securityfocus.com/bid/65885nvd
- bugzilla.redhat.com/show_bug.cginvd
News mentions
0No linked articles in our index yet.