Medium severity6.1NVD Advisory· Published Jan 16, 2018· Updated Jun 17, 2026
CVE-2014-6027
CVE-2014-6027
Description
Multiple cross-site scripting (XSS) vulnerabilities in TorrentFlux 2.4 allow (1) remote attackers to inject arbitrary web script or HTML by leveraging failure to encode file contents when downloading a torrent file or (2) remote authenticated users to inject arbitrary web script or HTML via vectors involving a link to torrent details.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2= 2.4+ 1 more
- (no CPE)range: = 2.4
- (no CPE)range: <=2.4
Patches
Vulnerability mechanics
References
3- bugs.debian.org/cgi-bin/bugreport.cginvdExploitIssue TrackingThird Party Advisory
- www.openwall.com/lists/oss-security/2014/09/02/3nvdIssue TrackingMailing ListThird Party Advisory
- www.securitytracker.com/id/1030791nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.