Lucene search
MitreCVE-2013-6882HistoryDec 17, 2013 - 4:08 p.m.
CVE-2013-6882
2013-12-1716:08:51
CWE-79
mitre
web.nvd.nist.gov
27
cru ditto
forensic fieldstation
xss
cve-2013-6882
security vulnerability
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.5
Confidence
High
EPSS
0.003
Percentile
68.3%
Multiple cross-site scripting (XSS) vulnerabilities in CRU Ditto Forensic FieldStation with firmware 2013Oct15a and earlier allow (1) remote attackers to inject arbitrary web script or HTML via the username parameter in a login or (2) remote authenticated users to inject arbitrary web script or HTML via unspecified form fields.
Affected configurations
Node
cru-incditto_forensic_fieldstation_firmwareRange≤2013oct15a
cru-incditto_forensic_fieldstationMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cru-inc | ditto_forensic_fieldstation_firmware | * | cpe:2.3:o:cru-inc:ditto_forensic_fieldstation_firmware:*:*:*:*:*:*:*:* |
| cru-inc | ditto_forensic_fieldstation | - | cpe:2.3:h:cru-inc:ditto_forensic_fieldstation:-:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2013-6882
2013-12-17 16:08:51
cvelist
cvelist
CVE-2013-6882
2013-12-17 16:00:00
prion
prion
Cross site scripting
2013-12-17 16:08:00
zdt
zdt
Ditto Forensic FieldStation 2013Oct15a - Multiple Vulnerabilities
2013-12-17 00:00:00
packetstorm
packetstorm
Ditto Forensic FieldStation 2013Oct15a XSS/ CSRF / Command Execution
2013-12-13 00:00:00
exploitdb
exploitdb
Ditto Forensic FieldStation 2013Oct15a - Multiple Vulnerabilities
2013-12-17 00:00:00
exploitpack
exploitpack
Ditto Forensic FieldStation 2013Oct15a - Multiple Vulnerabilities
2013-12-17 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.5
Confidence
High
EPSS
0.003
Percentile
68.3%
Related for CVE-2013-6882