Medium severity6.1NVD Advisory· Published Mar 13, 2017· Updated May 13, 2026

CVE-2014-3926

Description

Cross-site scripting (XSS) vulnerability in lg.cgi in Cougar LG 1.9 allows remote attackers to inject arbitrary web script or HTML via the "addr" parameter.

Affected products

Lg Project/LG
cpe:2.3:a:lg_project:lg:*:*:*:*:*:*:*:*
Range: <=1.8

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/Cougar/lg/issues/3nvdIssue TrackingPatchThird Party Advisory
blog.talosintelligence.com/2014/09/looking-glasses-with-bacon.htmlnvdThird Party AdvisoryVDB Entry
gist.github.com/bittorrent3389/8fee7cdaa73d1d351ee9nvdIssue TrackingThird Party Advisory
hackerone.com/reports/16330nvdThird Party Advisory
tools.cisco.com/security/center/viewAlert.xnvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.397
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000