CVE-2014-0638
RSA Adaptive Authentication (On-Premise) 6.x and 7.x < 7.1 SP0 P2 - Cross-Site Scripting via FRAME Elements
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in RSA Adaptive Authentication (On-Premise) 6.x and 7.x before 7.1 SP0 P2 allows remote attackers to inject arbitrary web script or HTML via vectors involving FRAME elements, related to a "cross-frame scripting" issue.
References (1)
Core 1
Core References
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2014-04/0007.html
Scores
EPSS
0.0020
EPSS Percentile
42.1%
Details
CWE
CWE-79
Status
published
Products (4)
emc/rsa_adaptive_authentication_on-premise
6.0
emc/rsa_adaptive_authentication_on-premise
6.0.2.1 (7 CPE variants)
emc/rsa_adaptive_authentication_on-premise
7.0
emc/rsa_adaptive_authentication_on-premise
7.1
Published
Apr 04, 2014
Tracked Since
Feb 18, 2026