Lucene search
RedhatCVELIST:CVE-2013-6430HistoryJan 10, 2020 - 1:28 p.m.
CVE-2013-6430
2020-01-1013:28:11
redhat
www.cve.org
2
The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework before 3.2.2 does not properly escape certain characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a (1) line separator or (2) paragraph separator Unicode character or (3) left or (4) right angle bracket.
CNA Affected
[
{
"product": "Spring MVC",
"vendor": "Pivotal",
"versions": [
{
"status": "affected",
"version": "before 3.2.2"
}
]
}
]Related
prion
prion
Cross site scripting
2020-01-10 14:15:00
ubuntucve
ubuntucve
CVE-2013-6430
2020-01-10 00:00:00
cve
cve
CVE-2013-6430
2020-01-10 14:15:10
osv
osv
debiancve
debiancve
CVE-2013-6430
2020-01-10 14:15:10
github
github
nvd
nvd
CVE-2013-6430
2020-01-10 14:15:10
nessus
nessus
Debian DSA-2857-1 : libspring-java - several vulnerabilities
2014-02-10 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0096)
2022-01-28 00:00:00
Debian: Security Advisory (DSA-2857-1)
2014-02-07 00:00:00
debian
debian
[SECURITY] [DSA 2857-1] libspring-java security update
2014-02-08 14:41:58
mageia
mageia
Updated springframework package fixes security vulnerabilities
2014-02-26 01:35:01
securityvulns
securityvulns
redhat
redhat
(RHSA-2014:0401) Moderate: Red Hat JBoss A-MQ 6.1.0 update
2014-04-14 13:36:41
(RHSA-2014:0400) Moderate: Red Hat JBoss Fuse 6.1.0 update
2014-04-14 00:00:00
