Unrated severityNVD Advisory· Published Jul 20, 2014· Updated Jun 17, 2026
CVE-2014-3894
CVE-2014-3894
Description
Cross-site scripting (XSS) vulnerability in PHP Kobo Multifunctional MailForm Free 2014/1/28 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:php_kobo:multifunctional_mailform_free:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:php_kobo:multifunctional_mailform_free:*:*:*:*:*:*:*:*range: <=-
- (no CPE)range: <= 2014/1/28
Patches
Vulnerability mechanics
References
2- jvn.jp/en/jp/JVN41028866/index.htmlnvdVendor Advisory
- jvndb.jvn.jp/jvndb/JVNDB-2014-000079nvdVendor Advisory
News mentions
0No linked articles in our index yet.