CVE-2014-5391

Name of the Vulnerable Software and Affected Versions SOS JobScheduler versions prior to 1.6.4246 SOS JobScheduler versions 1.7.x prior to 1.7.4241

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the location.hash property.

Recommendations For SOS JobScheduler versions prior to 1.6.4246, update to version 1.6.4246 or later. For SOS JobScheduler versions 1.7.x prior to 1.7.4241, update to version 1.7.4241 or later.