Lucene search
MitreCVE-2013-1095HistoryJun 17, 2013 - 11:38 a.m.
CVE-2013-1095
2013-06-1711:38:48
CWE-79
mitre
web.nvd.nist.gov
24
cve-2013-1095
xss
vulnerability
zcc
njwc.jar
novell
zenworks configuration management
remote attackers
web script
html
onerror event
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
47.7%
Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via vectors involving an onError event.
Affected configurations
Node
novellzenworks_configuration_managementMatch11.2
ORnovellzenworks_configuration_managementMatch11.2.1
ORnovellzenworks_configuration_managementMatch11.2.2
ORnovellzenworks_configuration_managementMatch11.2.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | zenworks_configuration_management | 11.2 | cpe:2.3:a:novell:zenworks_configuration_management:11.2:*:*:*:*:*:*:* |
| novell | zenworks_configuration_management | 11.2.1 | cpe:2.3:a:novell:zenworks_configuration_management:11.2.1:*:*:*:*:*:*:* |
| novell | zenworks_configuration_management | 11.2.2 | cpe:2.3:a:novell:zenworks_configuration_management:11.2.2:*:*:*:*:*:*:* |
| novell | zenworks_configuration_management | 11.2.3 | cpe:2.3:a:novell:zenworks_configuration_management:11.2.3:*:*:*:*:*:*:* |
Related
prion
prion
Cross site scripting
2013-06-17 11:38:00
cvelist
cvelist
CVE-2013-1095
2013-06-17 10:00:00
nvd
nvd
CVE-2013-1095
2013-06-17 11:38:48
nessus
nessus
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
47.7%
Related for CVE-2013-1095