CVE-2014-7290 Atlas Systems Aeon XSS (Cross-Site Scripting) Vulnerability

Web-Security
Exploit Title: Atlas Systems Aeon XSS Vulnerability
Product: Aeon
Vendor: Atlas Systems
Vulnerable Versions: 3.6 3.5
Tested Version: 3.6
Advisory Publication: Nov 12, 2014
Latest Update: Nov 12, 2014
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-7290
Solution Status: Fixed by Vendor
Credit: Wang Jing [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore]

http://xingzhehong.lofter.com/post/1cfd0db2_55b5153

Advertisements