Search...

CVE-2013-6960

2013-12-14T17:55:14

ID CVE-2013-6960
Type cve
Reporter NVD
Modified 2017-11-28T21:29:06

Description

Multiple cross-site scripting (XSS) vulnerabilities in Cisco WebEx Meeting Center allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36248.

JSON Vulners Source

Initial Source

{"title": "CVE-2013-6960", "reporter": "NVD", "published": "2013-12-14T17:55:14", "cpe": ["cpe:/a:cisco:webex_meeting_center:-"], "cvelist": ["CVE-2013-6960"], "viewCount": 0, "objectVersion": "1.3", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6960", "bulletinFamily": "NVD", "hashmap": [{"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "c440f3a68c5c4d097b7f1a69659cd224", "key": "cpe"}, {"hash": "c13b6a1b7d4c289b1347db2d89e95a5e", "key": "cvelist"}, {"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "8955c279570af7485cd579307c9c4533", "key": "description"}, {"hash": "97036a1371e72d02cf5c93936b470e6e", "key": "href"}, {"hash": "6e4f37f9b73f27503402cef51a617ffc", "key": "modified"}, {"hash": "c1db95a3b83bccf5546ad128a97eeea9", "key": "published"}, {"hash": "15e6fbcd0bc4bfb79d07ec606a31cee8", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "81e34b2e3d2abcf31d127b237ce2800b", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}], "history": [{"bulletin": {"reporter": "NVD", "published": "2013-12-14T17:55:14", "cvelist": ["CVE-2013-6960"], "title": "CVE-2013-6960", "objectVersion": "1.2", "description": "Multiple cross-site scripting (XSS) vulnerabilities in Cisco WebEx Meeting Center allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36248.", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6960", "bulletinFamily": "NVD", "id": "CVE-2013-6960", "history": [], "scanner": [], "enchantments": {}, "modified": "2013-12-16T14:53:18", "hash": "82e3448dffda1baae09b71e525343996cbd04d04602c2061269be55980d4e4fc", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "viewCount": 0, "edition": 1, "cpe": ["cpe:/a:cisco:webex_meeting_center:-"], "references": ["http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6960", "http://tools.cisco.com/security/center/viewAlert.x?alertId=32152"], "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "97036a1371e72d02cf5c93936b470e6e", "key": "href"}, {"hash": "c440f3a68c5c4d097b7f1a69659cd224", "key": "cpe"}, {"hash": "c1db95a3b83bccf5546ad128a97eeea9", "key": "published"}, {"hash": "eba5c8bf69983f482bca026d9ace8618", "key": "references"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "c13b6a1b7d4c289b1347db2d89e95a5e", "key": "cvelist"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "5e226a3cc021706ec03922fcb737d453", "key": "modified"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "81e34b2e3d2abcf31d127b237ce2800b", "key": "title"}, {"hash": "8955c279570af7485cd579307c9c4533", "key": "description"}], "lastseen": "2016-09-03T19:16:02", "assessment": {"name": "", "href": "", "system": ""}}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T19:16:02"}, {"bulletin": {"reporter": "NVD", "published": "2013-12-14T17:55:14", "cvelist": ["CVE-2013-6960"], "title": "CVE-2013-6960", "objectVersion": "1.3", "description": "Multiple cross-site scripting (XSS) vulnerabilities in Cisco WebEx Meeting Center allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36248.", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6960", "bulletinFamily": "NVD", "id": "CVE-2013-6960", "history": [], "scanner": [], "enchantments": {}, "modified": "2017-11-15T21:29:00", "hash": "9e2f47757c0c5c6ed462add7edce2c2efaf09f6999b0212080eb743198a9c2ce", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "viewCount": 0, "edition": 2, "cpe": ["cpe:/a:cisco:webex_meeting_center:-"], "references": ["http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6960", "http://www.securitytracker.com/id/1029494", "http://osvdb.org/100904", "http://xforce.iss.net/xforce/xfdb/89693", "http://tools.cisco.com/security/center/viewAlert.x?alertId=32152", "http://www.securityfocus.com/bid/64273"], "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "97036a1371e72d02cf5c93936b470e6e", "key": "href"}, {"hash": "c440f3a68c5c4d097b7f1a69659cd224", "key": "cpe"}, {"hash": "c1db95a3b83bccf5546ad128a97eeea9", "key": "published"}, {"hash": "efa7344c9fb309f3e7d7b2e2d6cd2276", "key": "modified"}, {"hash": "ac0bf1a898215ed7f6f01e568e33840c", "key": "references"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "c13b6a1b7d4c289b1347db2d89e95a5e", "key": "cvelist"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "81e34b2e3d2abcf31d127b237ce2800b", "key": "title"}, {"hash": "8955c279570af7485cd579307c9c4533", "key": "description"}], "lastseen": "2017-11-16T12:25:37", "assessment": {"name": "", "href": "", "system": ""}}, "differentElements": ["references", "modified"], "edition": 2, "lastseen": "2017-11-16T12:25:37"}], "scanner": [], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "modified": "2017-11-28T21:29:06", "hash": "18699a59ad693bd82b9e9583319e87155aa815e407294649c4458277a900f547", "enchantments": {"vulnersScore": 4.3}, "edition": 3, "description": "Multiple cross-site scripting (XSS) vulnerabilities in Cisco WebEx Meeting Center allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36248.", "references": ["http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6960", "http://www.securitytracker.com/id/1029494", "http://osvdb.org/100904", "https://exchange.xforce.ibmcloud.com/vulnerabilities/89693", "http://tools.cisco.com/security/center/viewAlert.x?alertId=32152", "http://www.securityfocus.com/bid/64273"], "id": "CVE-2013-6960", "lastseen": "2017-11-29T12:15:09", "assessment": {"name": "", "href": "", "system": ""}}

{"result": {"seebug": [{"id": "SSV:61177", "type": "seebug", "title": "Cisco WebEx Meeting Center\u591a\u4e2a\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e", "description": "Bugtraq ID:64273\r\nCVE ID:CVE-2013-6960\r\n\r\nCisco WebEx\u662f\u4e00\u6b3e\u7f51\u7edc\u4f1a\u8bae\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\nCisco WebEx Meeting Center\u5b58\u5728\u591a\u4e2a\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u6784\u5efa\u6076\u610fURI\uff0c\u8bf1\u4f7f\u7528\u6237\u89e3\u6790\uff0c\u5f53\u6076\u610f\u6570\u636e\u88ab\u67e5\u770b\u65f6\u53ef\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u6216\u8005\u52ab\u6301\u7528\u6237\u4f1a\u8bdd\u3002\n0\nCisco WebEx Meeting Center\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nCisco\r\n-----\r\n\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\n\r\nhttp://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6960", "published": "2013-12-18T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.seebug.org/vuldb/ssvid-61177", "cvelist": ["CVE-2013-6960"], "lastseen": "2017-11-19T17:39:33"}], "cisco": [{"id": "CISCO-SA-20131213-CVE-2013-6960", "type": "cisco", "title": "Cisco WebEx Multiple Cross-Site Scripting Vulnerabilities ", "description": "Multiple vulnerabilities in Cisco WebEx Business Suite could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack.\n\nThe vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by convincing a user to click a crafted URL.\n\nCisco has confirmed the vulnerability in a security notice; however, software updates are not available.\n\nTo exploit the vulnerability, the attacker may provide a link that directs a user to a malicious site and use misleading language or instructions to persuade the user to follow the provided link.\n\nCisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.", "published": "2013-12-13T18:58:33", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20131213-CVE-2013-6960", "cvelist": ["CVE-2013-6960"], "lastseen": "2017-09-26T15:33:57"}]}}