CVE Database · CVE-2014-5348
CVSS v3.1
N/A
EPSS
1.43%
Published
Aug 19, 2014
Modified
May 6, 2026
Public PoC / Exploit (1)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Cross-site scripting (XSS) vulnerability in apps/zxtm/locallog.cgi in Riverbed Stingray (aka SteelApp) Traffic Manager Virtual Appliance 9.6 patchlevel 9620140312 allows remote attackers to inject arbitrary web script or HTML via the logfile parameter.
Weaknesses (CWE)
Affected Products (1)
References (4)
