VYPR
Unrated severityNVD Advisory· Published Oct 21, 2014· Updated Jun 17, 2026

CVE-2014-3111

CVE-2014-3111

Description

Multiple cross-site scripting (XSS) vulnerabilities in FOG 0.27 through 0.32 allow remote authenticated users to inject arbitrary web script or HTML via the (1) Printer Model field to the Printer Management page, (2) Image Name field to the Image Management page, (3) Storage Group Name field to the Storage Management page, (4) Username field to the User Cleanup FOG Configuration page, or (5) Directory Path field to the Directory Cleaner FOG Configuration page.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • Fogproject/Fog6 versions
    cpe:2.3:a:fogproject:fog:0.27:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:fogproject:fog:0.27:*:*:*:*:*:*:*
    • cpe:2.3:a:fogproject:fog:0.28:*:*:*:*:*:*:*
    • cpe:2.3:a:fogproject:fog:0.29:*:*:*:*:*:*:*
    • cpe:2.3:a:fogproject:fog:0.30:*:*:*:*:*:*:*
    • cpe:2.3:a:fogproject:fog:0.31:*:*:*:*:*:*:*
    • cpe:2.3:a:fogproject:fog:0.32:*:*:*:*:*:*:*
  • Fog/FOGllm-create
    Range: >=0.27, <=0.32

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.