CVE-2014-3207
Sks Keyserver < 1.1.4 - XSS
Title source: ruleDescription
Cross-site scripting (XSS) vulnerability in wserver.ml in SKS Keyserver before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to pks/lookup/undefined1.
References (5)
Scores
EPSS
0.0031
EPSS Percentile
53.5%
Details
CWE
CWE-79
Status
published
Products (13)
sks_keyserver_project/sks_keyserver
< 1.1.4
sks_keyserver_project/sks_keyserver
sks_keyserver_project/sks_keyserver
sks_keyserver_project/sks_keyserver
sks_keyserver_project/sks_keyserver
sks_keyserver_project/sks_keyserver
sks_keyserver_project/sks_keyserver
sks_keyserver_project/sks_keyserver
sks_keyserver_project/sks_keyserver
sks_keyserver_project/sks_keyserver
... and 3 more
Published
May 08, 2014
Tracked Since
Feb 18, 2026