Lucene search

High-Tech Bridge SAPATCHSTACK:01B5D2CF0D05CB6E3333CD920A385CF0

HistoryJun 19, 2013 - 12:00 a.m.

WordPress BackWPup Plugin <= 3.0.12 - XSS

2013-06-1900:00:00

High-Tech Bridge SA

patchstack.com

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the “tab” parameter to wp-admin/admin.php.

Solution

           Update the plugin.

CPENameOperatorVersion
backwpuple3.0.12

CPE	Name	Operator	Version
	backwpup	le	3.0.12

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4626

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

Related for PATCHSTACK:01B5D2CF0D05CB6E3333CD920A385CF0