Lucene search

[email protected]NVD:CVE-2013-0741

HistoryNov 19, 2013 - 4:45 a.m.

CVE-2013-0741

2013-11-1904:45:06

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

57.2%

JSON

Cross-site scripting (XSS) vulnerability in imagegen.ashx in Percipient Studios ImageGen before 2.9.0 for Umbraco CMS allows remote attackers to inject arbitrary web script or HTML via the font parameter.

Affected configurations

Nvd

Node

percipientstudiosimagenRange≤2.5.7-umbraco_cms

percipientstudiosimagenMatch2.5.1-umbraco_cms

percipientstudiosimagenMatch2.5.2-umbraco_cms

percipientstudiosimagenMatch2.5.3-umbraco_cms

percipientstudiosimagenMatch2.5.4-umbraco_cms

percipientstudiosimagenMatch2.5.5-umbraco_cms

percipientstudiosimagenMatch2.5.6-umbraco_cms

VendorProductVersionCPE
percipientstudiosimagen*cpe:2.3:a:percipientstudios:imagen:*:-:*:*:*:umbraco_cms:*:*
percipientstudiosimagen2.5.1cpe:2.3:a:percipientstudios:imagen:2.5.1:-:*:*:*:umbraco_cms:*:*
percipientstudiosimagen2.5.2cpe:2.3:a:percipientstudios:imagen:2.5.2:-:*:*:*:umbraco_cms:*:*
percipientstudiosimagen2.5.3cpe:2.3:a:percipientstudios:imagen:2.5.3:-:*:*:*:umbraco_cms:*:*
percipientstudiosimagen2.5.4cpe:2.3:a:percipientstudios:imagen:2.5.4:-:*:*:*:umbraco_cms:*:*
percipientstudiosimagen2.5.5cpe:2.3:a:percipientstudios:imagen:2.5.5:-:*:*:*:umbraco_cms:*:*
percipientstudiosimagen2.5.6cpe:2.3:a:percipientstudios:imagen:2.5.6:-:*:*:*:umbraco_cms:*:*

Vendor	Product	Version	CPE
percipientstudios	imagen	*	cpe:2.3:a:percipientstudios:imagen::-::::umbraco_cms::
percipientstudios	imagen	2.5.1	cpe:2.3:a:percipientstudios:imagen:2.5.1:-::::umbraco_cms::*
percipientstudios	imagen	2.5.2	cpe:2.3:a:percipientstudios:imagen:2.5.2:-::::umbraco_cms::*
percipientstudios	imagen	2.5.3	cpe:2.3:a:percipientstudios:imagen:2.5.3:-::::umbraco_cms::*
percipientstudios	imagen	2.5.4	cpe:2.3:a:percipientstudios:imagen:2.5.4:-::::umbraco_cms::*
percipientstudios	imagen	2.5.5	cpe:2.3:a:percipientstudios:imagen:2.5.5:-::::umbraco_cms::*
percipientstudios	imagen	2.5.6	cpe:2.3:a:percipientstudios:imagen:2.5.6:-::::umbraco_cms::*

References

osvdb.org/99343

our.umbraco.org/projects/website-utilities/imagegen

secunia.com/advisories/52771

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

57.2%

JSON

Related for NVD:CVE-2013-0741

prion1 cvelist1 cve1