CVE-2014-2235

N/A Unknown
Published: March 05, 2014 Modified: May 06, 2026
View on NVD

Description

Cross-site scripting (XSS) vulnerability in Askbot before 0.7.49 allows remote attackers to inject arbitrary web script or HTML via vectors related to the question search form.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://secunia.com/advisories/57163
Source: secalert@redhat.com
Vendor Advisory
http://www.openwall.com/lists/oss-security/2014/02/28/8
Source: secalert@redhat.com
http://www.securityfocus.com/bid/65885
Source: secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1070852
Source: secalert@redhat.com
https://github.com/ASKBOT/askbot-devel/commit/876e3662ff6b78cc6241338c15e3a0cb49edf4e2
Source: secalert@redhat.com
Exploit Patch
http://secunia.com/advisories/57163
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.openwall.com/lists/oss-security/2014/02/28/8
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/65885
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugzilla.redhat.com/show_bug.cgi?id=1070852
Source: af854a3a-2127-422b-91ae-364da2661108
https://github.com/ASKBOT/askbot-devel/commit/876e3662ff6b78cc6241338c15e3a0cb49edf4e2
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Patch

10 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.3%
53th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-79

Affected Vendors

askbot

Related CVEs

CVE-2026-8686 7.5
CVE-2026-4054 4.3
CVE-2026-4053 3.1
CVE-2026-46408 7.6
CVE-2026-46407 8.1