PT-2014-6406 · Filemaker · Filemaker Pro Advanced+1

Published

2014-09-22

Updated

2015-07-29

CVE-2014-5322

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions FileMaker Pro versions prior to 13 FileMaker Pro Advanced versions prior to 13

Description A cross-site scripting (XSS) issue exists in the Instant Web Publish function, allowing remote attackers to inject arbitrary web script or HTML. This issue arose due to an incorrect fix for a previous problem.

Recommendations For FileMaker Pro versions prior to 13, update to version 13 or later. For FileMaker Pro Advanced versions prior to 13, update to version 13 or later.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2014-5322

Affected Products

Filemaker Pro

Filemaker Pro Advanced

PT-2014-6406 · Filemaker · Filemaker Pro Advanced+1

CVE-2014-5322

Weakness Enumeration

Related Identifiers

Affected Products

References · 6