CVE-2013-6465

Опубликовано: 19 дек. 2017

Источник: nvd

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in JBPM KIE Workbench 6.0.x allow remote authenticated users to inject arbitrary web script or HTML via vectors related to task name html inputs.

Ссылки

https://bugzilla.redhat.com/show_bug.cgi?id=1048380
Issue Tracking
Patch
https://github.com/kiegroup/jbpm-wb/commit/4818204506e8e94645b52adb9426bedfa9ffdd04
Patch
https://github.com/kiegroup/jbpm-wb/compare/6.0.x
Release Notes
https://bugzilla.redhat.com/show_bug.cgi?id=1048380
Issue Tracking
Patch
https://github.com/kiegroup/jbpm-wb/commit/4818204506e8e94645b52adb9426bedfa9ffdd04
Patch
https://github.com/kiegroup/jbpm-wb/compare/6.0.x
Release Notes

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:jbpm:6.0.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:jbpm:6.0.0:alpha7:*:*:*:*:*:*

cpe:2.3:a:redhat:jbpm:6.0.0:alpha9:*:*:*:*:*:*

cpe:2.3:a:redhat:jbpm:6.0.0:beta1:*:*:*:*:*:*

cpe:2.3:a:redhat:jbpm:6.0.0:beta2:*:*:*:*:*:*

cpe:2.3:a:redhat:jbpm:6.0.0:beta3:*:*:*:*:*:*

cpe:2.3:a:redhat:jbpm:6.0.0:beta4:*:*:*:*:*:*

cpe:2.3:a:redhat:jbpm:6.0.0:beta5:*:*:*:*:*:*

cpe:2.3:a:redhat:jbpm:6.0.0:cr1:*:*:*:*:*:*

cpe:2.3:a:redhat:jbpm:6.0.0:cr2:*:*:*:*:*:*

cpe:2.3:a:redhat:jbpm:6.0.0:cr3:*:*:*:*:*:*

cpe:2.3:a:redhat:jbpm:6.0.0:cr4:*:*:*:*:*:*

cpe:2.3:a:redhat:jbpm:6.0.0:cr5:*:*:*:*:*:*

EPSS

Процентиль: 37%

0.00159

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

CVE-2013-6465

redhat

около 12 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in JBPM KIE Workbench 6.0.x allow remote authenticated users to inject arbitrary web script or HTML via vectors related to task name html inputs.

GHSA-g34w-4mj2-gjww

CVSS3: 5.4

github

больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in JBPM KIE Workbench 6.0.x allow remote authenticated users to inject arbitrary web script or HTML via vectors related to task name html inputs.

EPSS

Процентиль: 37%

0.00159

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79