{"id":"CVE-2014-7850","details":"Cross-site scripting (XSS) vulnerability in the Web UI in FreeIPA 4.x before 4.1.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to breadcrumb navigation.","modified":"2026-01-27T04:13:21.428755Z","published":"2014-11-28T15:59:01Z","withdrawn":"2026-01-27T04:13:21.428755Z","references":[{"type":"ADVISORY","url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144848.html"},{"type":"ADVISORY","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1165280"},{"type":"ADVISORY","url":"https://fedorahosted.org/freeipa/ticket/4742"}],"schema_version":"1.7.3"}