exploitDog

CVE-2013-3394

Опубликовано: 27 нояб. 2013

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in the web interface in Cisco Prime Network Registrar 8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted field, aka Bug ID CSCuh41429.

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3394
Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=31921
Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3394
Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=31921
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cisco:prime_network_registrar:*:*:*:*:*:*:*:*

Версия до 8.1 (включая)

cpe:2.3:a:cisco:prime_network_registrar:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 48%

0.00248

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-39c4-2c38-cpmv

github

больше 3 лет назад

Cross-site scripting (XSS) vulnerability in the web interface in Cisco Prime Network Registrar 8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted field, aka Bug ID CSCuh41429.

EPSS

Процентиль: 48%

0.00248

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79