PYSEC-2014-98
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/ajenti/PYSEC-2014-98.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/PYSEC-2014-98
- Aliases
-
- CVE-2014-2260
- GHSA-9crx-p357-5vw8
- Published
- 2014-04-30T23:58:00Z
- Modified
- 2024-05-01T11:11:29.643507Z
- Summary
- [none]
- Details
-
Cross-site scripting (XSS) vulnerability in plugins/main/content/js/ajenti.coffee in Eugene Pankov Ajenti 1.2.13 allows remote authenticated users to inject arbitrary web script or HTML via the command field in the Cron functionality.
- References
Affected packages
PyPI / ajenti
Package
- Name
- ajenti
- View open source insights on deps.dev
- Purl
- pkg:pypi/ajenti
Affected ranges
- Type
- GIT
- Repo
- https://github.com/Eugeny/ajenti
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.2.14
Affected versions
0.*
0.99.7
0.99.8
0.99.11
0.99.19
0.99.20
0.99.21
0.99.22
0.99.23
0.99.24
0.99.25
0.99.26
0.99.27
0.99.28
0.99.29
0.99.30
0.99.31
0.99.32
0.99.33
0.99.34
0.99.35
0.99.36
0.99.37
0.99.38
0.99.39
1.*
1.0.0
1.0.1
1.0.2
1.0.3
1.0.8
1.1.0
1.1.1
1.1.2
1.1.3
1.1.4
1.1.5
1.1.6
1.1.8
1.1.8.2
1.1.9
1.1.9.1
1.1.9.2
1.1.9.3
1.2.0
1.2.1
1.2.2
1.2.3
1.2.4
1.2.5
1.2.6
1.2.6.1
1.2.6.2
1.2.7
1.2.8
1.2.9
1.2.10
1.2.11
1.2.11.1
1.2.11.2
1.2.13
1.2.13.1
1.2.13.2