Unrated severityNVD Advisory· Published Oct 26, 2014· Updated Jun 17, 2026
CVE-2014-6635
CVE-2014-6635
Description
Cross-site scripting (XSS) vulnerability in Exponent CMS 2.3.0 allows remote attackers to inject arbitrary web script or HTML via the src parameter in the search action to index.php.
Affected products
2cpe:2.3:a:exponentcms:exponent_cms:2.3.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:exponentcms:exponent_cms:2.3.0:*:*:*:*:*:*:*
- (no CPE)range: =2.3.0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.