Lucene search
HistoryJun 17, 2013 - 11:38 a.m.
CVE-2013-1095
cve-2013-1095
xss
vulnerability
zcc
njwc.jar
novell
zenworks configuration management
remote attackers
web script
html
onerror event
5.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
54.7%
Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via vectors involving an onError event.
Related
prion
prion
Cross site scripting
2013-06-17 11:38:00
cvelist
cvelist
CVE-2013-1095
2013-06-17 10:00:00
nessus
nessus
5.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
54.7%
Related for CVE-2013-1095