CVE-2013-6465

Опубликовано: 06 фев. 2014

Источник: redhat

CVSS2: 3.5

Описание

Multiple cross-site scripting (XSS) vulnerabilities in JBPM KIE Workbench 6.0.x allow remote authenticated users to inject arbitrary web script or HTML via vectors related to task name html inputs.

Отчет

This issue does not affect jBPM KIE Workbench as shipped with Red Hat JBoss BPM Suite 6.0.0. It may affect earlier versions of the upstream jBPM Console NG project.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat JBoss BRMS 5	Workbench	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-79

https://bugzilla.redhat.com/show_bug.cgi?id=1048380Workbench: Multiple stored XSS issues

3.5 Low

CVSS2

Связанные уязвимости

CVE-2013-6465

CVSS3: 5.4

nvd

около 8 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in JBPM KIE Workbench 6.0.x allow remote authenticated users to inject arbitrary web script or HTML via vectors related to task name html inputs.

GHSA-g34w-4mj2-gjww

CVSS3: 5.4

github

больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in JBPM KIE Workbench 6.0.x allow remote authenticated users to inject arbitrary web script or HTML via vectors related to task name html inputs.

3.5 Low

CVSS2