Lucene search

K
cveJpcertCVE-2013-0708
HistoryMar 01, 2013 - 5:40 a.m.

CVE-2013-0708

2013-03-0105:40:17
CWE-79
jpcert
web.nvd.nist.gov
26
cve-2013-0708
cross-site scripting
xss
dopvcomet* 0009b
http referer header
security vulnerability
nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

57.2%

Cross-site scripting (XSS) vulnerability in dopvCOMET* 0009b allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header, which is not properly handled during display of the access log.

Affected configurations

Nvd
Node
bayashidopvcomet\*Match0009b
VendorProductVersionCPE
bayashidopvcomet\*0009cpe:2.3:a:bayashi:dopvcomet\*:0009:b:*:*:*:*:*:*

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

57.2%

Related for CVE-2013-0708