CVE-2014-10065
CVE-2014-10065
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 1.0%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
31 May 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Certain input when passed into remarkable before 1.4.1 will bypass the bad protocol check that disallows the javascript: scheme allowing for javascript: url's to be injected into the rendered content.
Affected products
HackerOne · remarkable node moduleWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →