Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2013-4753

🗓️ 26 Dec 2014 23:00:00Reported by mitreType 
cve
 cve🔗 web.nvd.nist.gov👁 38 Views🌐 WEB

Claroline 1.11.9 XSS vulnerabilities allowing remote authenticated users to inject arbitrary web script or HTML via Search, First name, and Speakers fields.

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
CNVD		Multiple Cross-Site Scripting Vulnerabilities in Claroline (CNVD-2015-00108)
4 Jan 201500:00
cnvd
Cvelist		CVE-2013-4753
26 Dec 201423:00
cvelist
EUVD		EUVD-2013-4601
7 Oct 202500:30
euvd
NVD		CVE-2013-4753
26 Dec 201423:59
nvd
Prion		Cross site scripting
26 Dec 201423:59
prion
NVD
Node
clarolineclarolineRange1.11.9
SourceLink
xchgwww.xchg.info/
ParameterPositionPathDescriptionCWE
searchquery parammessaging/messagebox.phpXSS via Search field in inbox action to messaging/messagebox.phpCWE-79
qquery parammessaging/messagebox.phpXSS via Search field in inbox action to messaging/messagebox.phpCWE-79
queryquery parammessaging/messagebox.phpXSS via Search field in inbox action to messaging/messagebox.phpCWE-79
firstnamerequest bodyauth/profile.phpXSS via First name field in auth/profile.phpCWE-79
first_namerequest bodyauth/profile.phpXSS via First name field in auth/profile.phpCWE-79
namerequest bodyauth/profile.phpXSS via First name field in auth/profile.phpCWE-79
speakersrequest bodycalendar/agenda.phpXSS via Speakers field in rqAdd action to calendar/agenda.phpCWE-79
Speakersrequest bodycalendar/agenda.phpXSS via Speakers field in rqAdd action to calendar/agenda.phpCWE-79
speakers_listrequest bodycalendar/agenda.phpXSS via Speakers field in rqAdd action to calendar/agenda.phpCWE-79

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
16 Jun 2026 23:57Current
5.5Medium risk
Vulners AI Score5.5
CVSS 23.5
EPSS0.00782
CWE-79
cve-2013-4753clarolinexsscross-site scriptingremote authenticated usersinjectionweb scripthtmlsearchfirst namespeakers
38