CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-2866

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1200%
EPSS Percentile14.48th
Published2014年4月15日
Last Modified2026年5月6日

Vulnerability Description

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 relies on client JavaScript code for access restrictions, which allows remote attackers to perform unspecified operations by modifying this code.

Affected Platforms (CPE)

📦
Paperthin

Commonspot Content Server

<= 7.0.1
📦
Paperthin

Commonspot Content Server

= 8.0.0
📦
Paperthin

Commonspot Content Server

= 8.0.1
📦
Paperthin

Commonspot Content Server

= 8.0.2

References & Advisories

🔗 http://www.kb.cert.org/vuls/id/437385
🔗 http://www.kb.cert.org/vuls/id/437385

関連する脆弱性情報

CVE-2005-45755.0

PaperThin CommonSpot Content Server 4.5 and earlier allow remote attackers to obtain sensitive information via an invalid errmsg p...

CVE-2005-45744.3

Cross-site scripting (XSS) vulnerability in loader.cfm in PaperThin CommonSpot Content Server 4.5 and earlier allows remote attack...

CVE-2010-04684.3

Cross-site scripting (XSS) vulnerability in utilities/longproc.cfm in PaperThin CommonSpot Content Server allows remote attackers ...

CVE-2014-844710.0

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code...