Unrated severityNVD Advisory· Published Dec 11, 2014· Updated Jun 17, 2026
CVE-2014-7264
CVE-2014-7264
Description
Multiple cross-site scripting (XSS) vulnerabilities in admin/themes/default/pages/manage_users.twig in the Users Management feature in the admin component in Chyrp before 2.5.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) user.email or (2) user.website field in a user registration.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
4- chyrp.net/2014/11/18/chyrp-251-security-release/nvdVendor Advisory
- jvn.jp/en/jp/JVN13160869/index.htmlnvdVendor Advisory
- jvndb.jvn.jp/jvndb/JVNDB-2014-000149nvdVendor Advisory
- github.com/chyrp/chyrp/commit/43d1b6b266363ae7545d5d49851034eaeec7bebbnvdVendor Advisory
News mentions
0No linked articles in our index yet.