Lucene search

[email protected]CVE-2013-5706

HistoryOct 03, 2022 - 4:14 p.m.

CVE-2013-5706

2022-10-0316:14:54

CWE-79

[email protected]

web.nvd.nist.gov

cve

2013

5706

xss

vulnerabilities

coursemill

lms

6.8

remote attackers

web script

html

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.2%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Coursemill Learning Management System (LMS) 6.8 allow remote attackers to inject arbitrary web script or HTML via vectors related to error messages and (1) crafted event attributes or (2) > (greater than) characters that are optional within a browser’s HTML implementation, a different issue than CVE-2013-3603.

Affected configurations

NVD

Node

trivantiscoursemill_learning_management_systemMatch6.8

CPENameOperatorVersion
trivantis:coursemill_learning_management_systemtrivantis coursemill learning management systemeq6.8

CPE	Name	Operator	Version
trivantis:coursemill_learning_management_system	trivantis coursemill learning management system	eq	6.8

References

www.kb.cert.org/vuls/id/960908

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.2%

JSON

Related for CVE-2013-5706

nvd2 prion2 cvelist2 cve1 cert1