Unrated severityNVD Advisory· Published Jul 20, 2014· Updated May 6, 2026
CVE-2014-3894
CVE-2014-3894
Description
Cross-site scripting (XSS) vulnerability in PHP Kobo Multifunctional MailForm Free 2014/1/28 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header.
Affected products
1- cpe:2.3:a:php_kobo:multifunctional_mailform_free:*:*:*:*:*:*:*:*Range: <=-
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- jvn.jp/en/jp/JVN41028866/index.htmlnvdVendor Advisory
- jvndb.jvn.jp/jvndb/JVNDB-2014-000079nvdVendor Advisory
News mentions
0No linked articles in our index yet.