Описание
Cross-site scripting (XSS) vulnerability in ZeroClipboard.swf and ZeroClipboard10.swf in ZeroClipboard before 1.0.8, as used in em-shorty, RepRapCalculator, Fulcrum, Django, aCMS, and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this is might be the same vulnerability as CVE-2013-1463. If so, it is likely that CVE-2013-1463 will be REJECTed.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Subscription Asset Manager | Django | Not affected | ||
| RHEL 6 Version of OpenShift Enterprise 1.2 | atlas | Fixed | RHEA-2013:1032 | 09.07.2013 |
| RHEL 6 Version of OpenShift Enterprise 1.2 | facter | Fixed | RHEA-2013:1032 | 09.07.2013 |
| RHEL 6 Version of OpenShift Enterprise 1.2 | gd | Fixed | RHEA-2013:1032 | 09.07.2013 |
| RHEL 6 Version of OpenShift Enterprise 1.2 | gdbm | Fixed | RHEA-2013:1032 | 09.07.2013 |
| RHEL 6 Version of OpenShift Enterprise 1.2 | geos | Fixed | RHEA-2013:1032 | 09.07.2013 |
| RHEL 6 Version of OpenShift Enterprise 1.2 | ghostscript | Fixed | RHEA-2013:1032 | 09.07.2013 |
| RHEL 6 Version of OpenShift Enterprise 1.2 | haproxy | Fixed | RHEA-2013:1032 | 09.07.2013 |
| RHEL 6 Version of OpenShift Enterprise 1.2 | ImageMagick | Fixed | RHEA-2013:1032 | 09.07.2013 |
| RHEL 6 Version of OpenShift Enterprise 1.2 | jasper | Fixed | RHEA-2013:1032 | 09.07.2013 |
Показывать по
Дополнительная информация
Статус:
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in ZeroClipboard.swf and ZeroClipboard10.swf in ZeroClipboard before 1.0.8, as used in em-shorty, RepRapCalculator, Fulcrum, Django, aCMS, and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this is might be the same vulnerability as CVE-2013-1463. If so, it is likely that CVE-2013-1463 will be REJECTed.
Cross-site scripting (XSS) vulnerability in ZeroClipboard.swf and Zero ...
Cross-site scripting (XSS) vulnerability in ZeroClipboard.swf and ZeroClipboard10.swf in ZeroClipboard before 1.0.8, as used in em-shorty, RepRapCalculator, Fulcrum, Django, aCMS, and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this is might be the same vulnerability as CVE-2013-1463. If so, it is likely that CVE-2013-1463 will be REJECTed.
EPSS
4.3 Medium
CVSS2