Unrated severityNVD Advisory· Published Jul 3, 2014· Updated Jun 17, 2026
CVE-2014-2965
CVE-2014-2965
Description
Cross-site scripting (XSS) vulnerability in auth-settings-x.php in SpamTitan before 6.04 allows remote attackers to inject arbitrary web script or HTML via the sortdir parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
13cpe:2.3:a:spamtitan:spamtitan:*:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:spamtitan:spamtitan:*:*:*:*:*:*:*:*range: <=6.03
- cpe:2.3:a:spamtitan:spamtitan:5.04:*:*:*:*:*:*:*
- cpe:2.3:a:spamtitan:spamtitan:5.05:*:*:*:*:*:*:*
- cpe:2.3:a:spamtitan:spamtitan:5.06:*:*:*:*:*:*:*
- cpe:2.3:a:spamtitan:spamtitan:5.07:*:*:*:*:*:*:*
- cpe:2.3:a:spamtitan:spamtitan:5.08:*:*:*:*:*:*:*
- cpe:2.3:a:spamtitan:spamtitan:5.10:*:*:*:*:*:*:*
- cpe:2.3:a:spamtitan:spamtitan:5.11:*:*:*:*:*:*:*
- cpe:2.3:a:spamtitan:spamtitan:5.12:*:*:*:*:*:*:*
- cpe:2.3:a:spamtitan:spamtitan:5.13:*:*:*:*:*:*:*
- cpe:2.3:a:spamtitan:spamtitan:6.00:*:*:*:*:*:*:*
- cpe:2.3:a:spamtitan:spamtitan:6.01:*:*:*:*:*:*:*
- (no CPE)range: <6.04
Patches
Vulnerability mechanics
References
4- www.kb.cert.org/vuls/id/849500nvdThird Party AdvisoryUS Government Resource
- packetstormsecurity.com/files/127184/SpamTitan-6.01-Cross-Site-Scripting.htmlnvd
- seclists.org/fulldisclosure/2014/Jun/113nvd
- www.securityfocus.com/bid/68143nvd
News mentions
0No linked articles in our index yet.