CVE-2014-8490 TennisConnect COMPONENTS System XSS (Cross-Site Scripting) Security Vulnerability

Posted by Jing Wang on Dec 19

*CVE-2014-8490 TennisConnect COMPONENTS System XSS (Cross-Site Scripting)
Security Vulnerability*

Exploit Title: TennisConnect “TennisConnect COMPONENTS System” /index.cfm
pid Parameter XSS
Product: TennisConnect COMPONENTS System
Vendor: TennisConnect
Vulnerable Versions: 9.927
Tested Version: 9.927
Advisory Publication: Nov 18, 2014
Latest Update: Nov 18, 2014
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference:…

Leave a Reply