Vulnerabilities > OK WEB Server Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-08-31 | CVE-2014-3148 | Cross-site Scripting vulnerability in OK web Server Project OK web Server Cross-site scripting (XSS) vulnerability in libahttp/err.c in OkCupid OKWS (OK Web Server) allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to a non-existent page, which is not properly handled in a 404 error page. | 4.3 |