Unrated severityNVD Advisory· Published Nov 6, 2014· Updated May 6, 2026

CVE-2014-8352

Description

Cross-site scripting (XSS) vulnerability in json.php in French National Commission on Informatics and Liberty (aka CNIL) CookieViz allows remote we servers to inject arbitrary web script or HTML via the max_date parameter.

Affected products

French National Commission On Informatics And Liberty/Cookieviz
cpe:2.3:a:french_national_commission_on_informatics_and_liberty:cookieviz:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/LaboCNIL/CookieViz/commit/489b6050f6c53fe7b24c4bed3eeb9c25543960e2nvdPatch
packetstormsecurity.com/files/128960/CNIL-CookieViz-Cross-Site-Scripting-SQL-Injection.htmlnvdExploit
seclists.org/fulldisclosure/2014/Nov/3nvdExploit
exchange.xforce.ibmcloud.com/vulnerabilities/98452nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000