Lucene search

[email protected]CVE-2013-4884

HistoryJan 21, 2014 - 6:55 p.m.

CVE-2013-4884

2014-01-2118:55:09

CWE-79

[email protected]

web.nvd.nist.gov

cve-2013-4884

cross-site scripting

xss

vulnerability

mcafee superscan 4.0

nvd

5.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

78.9%

JSON

Cross-site scripting (XSS) vulnerability in McAfee SuperScan 4.0 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded sequences in a server response, which is not properly handled in the SuperScan HTML report.

Affected configurations

NVD

Node

mcafeesuperscanMatch4.0

CPENameOperatorVersion
mcafee:superscanmcafee superscaneq4.0

CPE	Name	Operator	Version
mcafee:superscan	mcafee superscan	eq	4.0

References

seclists.org/fulldisclosure/2013/Aug/68

www.exploit-db.com/exploits/27406

www.securityfocus.com/bid/61640

exchange.xforce.ibmcloud.com/vulnerabilities/86257

kc.mcafee.com/corporate/index?page=content&id=KB78992

www.trustwave.com/spiderlabs/advisories/TWSL2013-024.txt

5.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

78.9%

JSON

Related for CVE-2013-4884

cvelist1 seebug1 exploitpack1 nvd1 packetstorm1 prion1 exploitdb1