2 matches found
CVE-2013-4946
Multiple cross-site scripting XSS vulnerabilities in BMC Service Desk Express SDE 10.2.1.95 allow remote attackers to inject arbitrary web script or HTML via the 1 SelTab parameter to QVadmin.aspx, the 2 CallBack parameter to QVgrid.aspx, or the 3 HelpPage parameter to commonhelp.aspx...
CVE-2013-4946
CVE-2013-4946 concerns multiple XSS vulnerabilities in BMC Service Desk Express (SDE) 10.2.1.95. The affected component is the web interface, with input vectors in three parameters: SelTab (QV_admin.aspx), CallBack (QV_grid.aspx), and HelpPage (commonhelp.aspx). The root cause is cross-site scrip...