VYPR
Unrated severityNVD Advisory· Published Jun 18, 2014· Updated Jun 17, 2026

CVE-2014-3877

CVE-2014-3877

Description

Incomplete blacklist vulnerability in Frams' Fast File EXchange (F*EX, aka fex) before fex-20140530 allows remote attackers to conduct cross-site scripting (XSS) attacks via the addto parameter to fup.

Affected products

2
  • cpe:2.3:a:ulli_horlacher:fex:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ulli_horlacher:fex:*:*:*:*:*:*:*:*range: <=20140313
    • (no CPE)range: < 20140530

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.