CVE-2014-0362

{"id": "CVE-2014-0362", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2014-05-08T10:55:03.107", "references": [{"url": "http://www.kb.cert.org/vuls/id/673313", "tags": ["Third Party Advisory", "US Government Resource"], "source": "cret@cert.org"}, {"url": "http://www.securityfocus.com/bid/67176", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cret@cert.org"}, {"url": "http://www.kb.cert.org/vuls/id/673313", "tags": ["Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/67176", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element."}, {"lang": "es", "value": "Vulnerabilidad de XSS en dispositivos Google Search Appliance (GSA) anterior a 7.0.14.G.216 y 7.2 anterior a 7.2.0.G.114, cuando navegaci\u00f3n din\u00e1mica est\u00e1 configurado, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de entradas incluidas en un elemento SCRIPT."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:google:search_appliance_software:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04FE7E1A-AB17-44AE-8FA4-29F895012CD2", "versionEndExcluding": "7.0.14.g.216", "versionStartIncluding": "7.0"}, {"criteria": "cpe:2.3:a:google:search_appliance_software:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48B60E4E-51A1-4C49-8C29-DA54DAD7B1B5", "versionEndExcluding": "7.2.0.g.114", "versionStartIncluding": "7.2"}], "operator": "OR"}]}], "sourceIdentifier": "cret@cert.org"}