Lucene search

Ubuntu.comUB:CVE-2013-7258

HistoryJan 03, 2014 - 12:00 a.m.

CVE-2013-7258

2014-01-0300:00:00

ubuntu.com

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.002

Percentile

56.9%

JSON

Cross-site scripting (XSS) vulnerability in web2ldap 1.1.x before 1.1.49
allows remote attackers to inject arbitrary web script or HTML via
unspecified vectors related to “displaying group DN and entry data in group
administration UI.”

Bugs

<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734107>

OSVersionArchitecturePackageVersionFilename
ubuntu16.04noarchweb2ldap< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	16.04	noarch	web2ldap	< any	UNKNOWN

References

secunia.com/advisories/56160

www.web2ldap.de/changes-1.1.html

launchpad.net/bugs/cve/CVE-2013-7258

nvd.nist.gov/vuln/detail/CVE-2013-7258

security-tracker.debian.org/tracker/CVE-2013-7258

www.cve.org/CVERecord?id=CVE-2013-7258

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.002

Percentile

56.9%

JSON

Related for UB:CVE-2013-7258