mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-11 16:47:12 +02:00
0xMarcio
736 B
736 B
CVE-2014-9714
Description
Cross-site scripting (XSS) vulnerability in the WddxPacket::recursiveAddVar function in HHVM (aka the HipHop Virtual Machine) before 3.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted string to the wddx_serialize_value function.
POC
Reference
Github
No PoCs found on GitHub currently.