Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-3371HistoryAug 23, 2013 - 4:55 p.m.
CVE-2013-3371
2013-08-2316:55:07
Debian Security Bug Tracker
security-tracker.debian.org
14
cross-site scripting
request tracker
rt 3.8.3
rt 3.8.16
rt 4.0.x
cve-2013-3371
web script injection
html injection
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
66.4%
Cross-site scripting (XSS) vulnerability in Request Tracker (RT) 3.8.3 through 3.8.16 and 4.0.x before 4.0.13 allows remote attackers to inject arbitrary web script or HTML via the filename of an attachment.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | request-tracker4 | < 4.0.12-2 | request-tracker4_4.0.12-2_all.deb |
| Debian | 11 | all | request-tracker4 | < 4.0.12-2 | request-tracker4_4.0.12-2_all.deb |
| Debian | 999 | all | request-tracker4 | < 4.0.12-2 | request-tracker4_4.0.12-2_all.deb |
| Debian | 13 | all | request-tracker4 | < 4.0.12-2 | request-tracker4_4.0.12-2_all.deb |
Related
prion
prion
Cross site scripting
2013-08-23 16:55:00
Cross site scripting
2013-08-23 16:55:00
cvelist
cvelist
CVE-2013-3371
2013-08-23 16:00:00
CVE-2013-5587
2013-08-23 16:00:00
cve
cve
CVE-2013-3371
2013-08-23 16:55:07
CVE-2013-5587
2013-08-23 16:55:07
nvd
nvd
CVE-2013-3371
2013-08-23 16:55:07
CVE-2013-5587
2013-08-23 16:55:07
debiancve
debiancve
CVE-2013-5587
2013-08-23 16:55:07
ubuntucve
ubuntucve
CVE-2013-5587
2013-08-23 00:00:00
CVE-2013-3371
2013-08-23 00:00:00
nessus
nessus
Debian DSA-2670-1 : request-tracker3.8 - several vulnerabilities
2013-05-23 00:00:00
Debian DSA-2671-1 : request-tracker4 - several vulnerabilities
2013-05-23 00:00:00
osv
osv
request-tracker3.8 - several
2013-05-22 00:00:00
request-tracker4 - several
2013-05-22 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2670-1)
2013-05-21 00:00:00
debian
debian
[SECURITY] [DSA 2670-1] request-tracker3.8 security update
2013-05-22 19:11:30
[SECURITY] [DSA 2670-1] request-tracker3.8 security update
2013-05-22 19:11:30
[SECURITY] [DSA 2671-1] request-tracker4 security update
2013-05-22 19:45:55
freebsd
freebsd
RT -- multiple vulnerabilities
2013-05-22 00:00:00
mageia
mageia
Updated rt/perl-Encode packages fix security vulnerability
2017-09-03 17:31:33
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
66.4%
Related for DEBIANCVE:CVE-2013-3371