VYPR
Medium severity6.1NVD Advisory· Published Sep 19, 2014· Updated Jun 17, 2026

CVE-2014-4406

CVE-2014-4406

Description

Cross-site scripting (XSS) vulnerability in Xcode Server in CoreCollaboration in Apple OS X Server before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

15
  • cpe:2.3:o:apple:os_x_server:*:*:*:*:*:*:*:*+ 13 more
    • cpe:2.3:o:apple:os_x_server:*:*:*:*:*:*:*:*range: <=3.1.2
    • cpe:2.3:o:apple:os_x_server:2.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:os_x_server:2.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:os_x_server:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:os_x_server:2.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:os_x_server:2.2.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:os_x_server:2.2.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:os_x_server:3.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:os_x_server:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:os_x_server:3.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:os_x_server:3.0.3:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:os_x_server:3.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:os_x_server:3.1.1:*:*:*:*:*:*:*
    • (no CPE)range: <3.2.1
  • Range: <3.2.1

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.