2 matches found
CVE-2013-5695 Multilple Cross Site Scripting (XSS) Attacks in Ops View
CVE-2013-5695 Multilple Cross Site Scripting XSS Attacks in Ops View Versions: Opsview pre 4.4.1 Author: J. Oquendo joquendo at e-fensive dot net I. ADVISORY Title: Multilple Cross Site Scripting XSS Attacks in Ops View Date published: 2013-10-28 Vendor contacted: 2013-09-04 II. BACKGROUND Opsvie...
CVE-2013-5695
CVE-2013-5695 affects Opsview prior to 4.4.1 with multiple XSS weaknesses exposed in web UI endpoints: /admin/auditlog, /info/host/, /viewport/, /login, and /status/service/recheck via various parameters (id, PATH_INFO, back, from). The root cause is unvalidated user input that allows injection o...