5 matches found
CVE-2013-4624
Multiple cross-site scripting XSS vulnerabilities in Jahia xCM 6.6.1.0 before hotfix 7 allow remote attackers to inject arbitrary web script or HTML via 1 the site parameter to engines/manager.jsp, 2 the searchString parameter to administration/ in a search action, or the 3 username, 4 firstName,...
CVE-2013-4624
CVE-2013-4624 concerns Jahia xCM 6.6.1.0 prior to hotfix 7. Multiple XSS vulnerabilities arise from insufficient sanitisation of user input in several vectors: (1) site parameter to engines/manager.jsp, (2) searchString parameter to administration/?do=users&sub=search, and (3) POST fields usernam...
Multiple XSS Vulnerabilities in Jahia xCM
Advisory ID: HTB23159 Product: Jahia xCM Vendor: Jahia Solutions Group SA Vulnerable Versions: 6.6.1.0 r43343 and probably prior Tested Version: 6.6.1.0 r43343 Vendor Notification: June 5, 2013 Vendor Patch: July 17, 2013 Public Disclosure: July 31, 2013 Vulnerability Type: Cross-Site Scripting...
Jahia xCM 6.6.1.0 r43343 Cross Site Scripting
Advisory ID: HTB23159 Product: Jahia xCM Vendor: Jahia Solutions Group SA Vulnerable Versions: 6.6.1.0 r43343 and probably prior Tested Version: 6.6.1.0 r43343 Vendor Notification: June 5, 2013 Vendor Patch: July 17, 2013 Public Disclosure: July 31, 2013 Vulnerability Type: Cross-Site Scripting...
CVE-2013-4624
creationtimestamp| type| source ---|---|--- 2013-07-31 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38683 2013-07-31 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38682...