Unrated severityNVD Advisory· Published Jun 18, 2014· Updated Jun 17, 2026
CVE-2014-3877
CVE-2014-3877
Description
Incomplete blacklist vulnerability in Frams' Fast File EXchange (F*EX, aka fex) before fex-20140530 allows remote attackers to conduct cross-site scripting (XSS) attacks via the addto parameter to fup.
Affected products
2cpe:2.3:a:ulli_horlacher:fex:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ulli_horlacher:fex:*:*:*:*:*:*:*:*range: <=20140313
- (no CPE)range: < 20140530
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.