CVE-2013-5744

Fengoffice Feng Office < 2.3.2 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in Feng Office 2.3.2-rc and earlier allows remote attackers to inject arbitrary web script or HTML via an arbitrary ref_XXX parameter.

References (2)

Scores

EPSS 0.0032
EPSS Percentile 54.5%

Details

CWE
CWE-79
Status published
Products (47)
fengoffice/feng_office < 2.3.2
fengoffice/feng_office
fengoffice/feng_office
fengoffice/feng_office
fengoffice/feng_office
fengoffice/feng_office
fengoffice/feng_office
fengoffice/feng_office
fengoffice/feng_office
fengoffice/feng_office
... and 37 more
Published Oct 28, 2013
Tracked Since Feb 18, 2026