Lucene search

[email protected]CVE-2013-7365

HistoryApr 10, 2014 - 8:55 p.m.

CVE-2013-7365

2014-04-1020:55:00

CWE-79

[email protected]

web.nvd.nist.gov

sap

enterprise portal

xss

vulnerability

remote attackers

script injection

cve-2013-7365

nvd

6.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

65.0%

JSON

Cross-site scripting (XSS) vulnerability in SAP Enterprise Portal allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

CPENameOperatorVersion
sap:enterprise_portalsap enterprise portaleq-

CPE	Name	Operator	Version
sap:enterprise_portal	sap enterprise portal	eq	-

References

archives.neohapsis.com/archives/bugtraq/2013-02/0132.html

scn.sap.com/docs/DOC-8218

www.onapsis.com/get.php?resid=adv_onapsis-2013-003

www.onapsis.com/research-advisories.php

www.securityfocus.com/bid/58155

service.sap.com/sap/support/notes/1589716

6.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

65.0%

JSON

Related for CVE-2013-7365

cvelist1 prion1