CVE-2014-4770
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2014-4770
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 6.x through 6.1.0.47, 7.0 before 7.0.0.35, 8.0 before 8.0.0.10, and 8.5 before 8.5.5.4 allows remote authenticated administrators to inject arbitrary web script or HTML via a crafted URL.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
IBM WebSphere Application Server 跨站脚本漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
IBM WebSphere Application Server(WAS)是美国IBM公司开发并发行的一款应用服务器产品,它是Java EE和Web服务应用程序的平台,也是IBM WebSphere软件平台的基础。 IBM WAS中存在跨站脚本漏洞。远程攻击者可通过特制的URL利用该漏洞注入任意Web脚本或HTML。以下版本受到影响:IBM WebSphere Application Server (WAS) 6.x版本至6.1.0.47版本,7.0.0.35之前7.0版本,8.0.0.10之前8.0版本
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2014-4770
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2014-4770
请登录查看更多情报信息。
- http://www-01.ibm.com/support/docview.wss?uid=swg21682767x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2014-4770
Same Patch Batch · n/a · 2014-09-23 · 59 CVEs total
| CVE-2014-6674 | Android Amazighmusic应用程序加密问题漏洞 | |
| CVE-2014-6686 | Android Zoho Books - Accounting App应用程序加密问题漏洞 | |
| CVE-2014-6689 | Android JW Cards应用程序加密问题漏洞 | |
| CVE-2014-6688 | Android Voices.com应用程序加密问题漏洞 | |
| CVE-2014-6687 | Android wSaudichannelAlNasr应用程序加密问题漏洞 | |
| CVE-2014-6690 | Android InstaMessage - Instagram Chat应用程序加密问题漏洞 | |
| CVE-2014-6678 | Android Algeria Radio应用程序加密问题漏洞 | |
| CVE-2014-6677 | Android Ticket Round Up应用程序加密问题漏洞 | |
| CVE-2014-6676 | Android Exercitii pentru abdomen应用程序加密问题漏洞 | |
| CVE-2014-6675 | Android Ruta Exacta应用程序加密问题漏洞 | |
| CVE-2014-6679 | Android wEPISDParentPortal应用程序加密问题漏洞 | |
| CVE-2014-6673 | Android ChallengerTX应用程序加密问题漏洞 | |
| CVE-2014-6672 | Android Friendcaster应用程序加密问题漏洞 | |
| CVE-2014-6671 | Android World Cup 2014 Brazil - Xem TV应用程序加密问题漏洞 | |
| CVE-2014-6670 | Android SingaporeMotherhood Forum应用程序加密问题漏洞 | |
| CVE-2014-6669 | Android Inside Crochet应用程序加密问题漏洞 | |
| CVE-2014-6668 | Android African Radios Live应用程序加密问题漏洞 | |
| CVE-2014-6667 | Android racemotocross应用程序加密问题漏洞 | |
| CVE-2014-6666 | Android Baglamukhi应用程序加密问题漏洞 | |
| CVE-2014-6665 | Android Ahmed Bukhatir Nasheeds TV应用程序加密问题漏洞 |
Showing top 20 of 59 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8747
Z-BlogPHP Commend Approval c_system_event.php CheckComment i - CVE-2026-8746
Open5GS NRF nghttp2-server.c discover_handler use after free - CVE-2026-8745
Open5GS AUSF nausf-handler.c ogs_timer_add denial of service - CVE-2026-8744
Open5GS NRF context.c ogs_sbi_nf_service_add denial of servi - CVE-2026-8743
Open5GS AMF/MME context.c ran_ue_find_by_amf_ue_ngap_id impr
V. Comments for CVE-2014-4770
No comments yet