Lucene search
CertccCVE-2013-0129HistoryApr 19, 2013 - 11:44 a.m.
CVE-2013-0129
2013-04-1911:44:10
CWE-79
certcc
web.nvd.nist.gov
26
xss
vulnerability
pd-admin
web script
html
remote authenticated users
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
33.3%
Multiple cross-site scripting (XSS) vulnerabilities in pd-admin before 4.17 allow remote authenticated users to inject arbitrary web script or HTML via (1) the WebFTP Overview “Create new directory” field or (2) the body of an e-mail autoresponder message.
Affected configurations
Node
pd-adminpd-adminRange≤4.16
Related
cert
cert
pd-admin contains cross-site scripting vulnerabilities
2013-04-15 00:00:00
prion
prion
Cross site scripting
2013-04-19 11:44:00
cvelist
cvelist
CVE-2013-0129
2013-04-19 10:00:00
nvd
nvd
CVE-2013-0129
2013-04-19 11:44:10
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
33.3%
Related for CVE-2013-0129