CVE-2014-3650 - AskarLabs CVE Database

CVE-2014-3650

Vendor N/A

Product Jboss Aerogear

Weakness CWE-79 · XSS

Published July 1, 2022

Last update August 6, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Multiple persistent cross-site scripting (XSS) flaws were found in the way Aerogear handled certain user-supplied content. A remote attacker could use these flaws to compromise the application with specially crafted input.

Key dates

02Disclosure timeline

July 1, 2022 CVE published

August 6, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2014-3650 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2023-46072 WordPress Add Shortcodes Actions And Filters Plugin <= 2.0.9 is vulnerable to Cross Site Scripting (XSS) CVE-2022-3958 Potential XSS on personal menu navigation CVE-2024-27287 ESPHome vulnerable to stored Cross-site Scripting in edit configuration file API CVE-2021-22510 CVE-2025-64829 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)