Unrated severityNVD Advisory· Published Apr 17, 2014· Updated Jun 17, 2026
CVE-2014-2879
CVE-2014-2879
Description
Multiple cross-site scripting (XSS) vulnerabilities in Dell SonicWALL Email Security 7.4.5 and earlier allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the uploadPatch parameter to the System/Advanced page (settings_advanced.html) or (2) the uploadLicenses parameter in the License management (settings_upload_dlicense.html) page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=7.4.5
Patches
Vulnerability mechanics
References
6- seclists.org/fulldisclosure/2014/Mar/409nvdExploitMailing ListThird Party Advisory
- www.vulnerability-lab.com/get_content.phpnvdExploit
- www.securityfocus.com/bid/66501nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1029965nvdThird Party AdvisoryVDB Entry
- www.sonicwall.com/us/shared/download/Support-Bulletin_Email-Security_Scripting_Vulnerability__Resolved_in__ES746.pdfnvdBroken Link
- www.securityfocus.com/archive/1/531642/100/0/threadednvd
News mentions
0No linked articles in our index yet.