FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

i2p -- Multiple Vulnerabilities

Affected packages
i2p < 0.9.14


VuXML ID 13419364-1685-11e4-bf04-60a44c524f57
Discovery 2014-07-24
Entry 2014-07-28

The i2p project reports:

XSS and remote execution vulnerabilities reported by Exodus Intelligence.

Exodus Intelligence reports:

The vulnerability we have found is able to perform remote code execution with a specially crafted payload. This payload can be customized to unmask a user and show the public IP address in which the user connected from within 'a couple of seconds.'