Vulnerabilities (CVE)

Filtered by vendor Ok Web Server Project Subscribe
Filtered by product Ok Web Server
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-3148 1 Ok Web Server Project 1 Ok Web Server 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in libahttp/err.c in OkCupid OKWS (OK Web Server) allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to a non-existent page, which is not properly handled in a 404 error page.