Lucene search
HistoryMar 13, 2014 - 2:55 p.m.
CVE-2013-3728
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.2 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
50.0%
Cross-site scripting (XSS) vulnerability in Kasseler CMS before 2 r1232 allows remote authenticated users with permissions to create categories to inject arbitrary web script or HTML via the cat parameter in an admin_new_category action to admin.php.
Affected configurations
Node
kasseler-cmskasseler-cmsRange≤2r1223
Related
cve
cve
CVE-2013-3728
2014-03-13 14:55:05
prion
prion
Cross site scripting
2014-03-13 14:55:00
cvelist
cvelist
CVE-2013-3728
2014-03-13 14:00:00
zdt
zdt
Kasseler CMS 2 r1223 CSRF / XSS / SQL Injection Vulnerabilities
2013-07-03 00:00:00
htbridge
htbridge
Multiple Vulnerabilities in Kasseler CMS
2013-05-29 00:00:00
securityvulns
securityvulns
Multiple Vulnerabilities in Kasseler CMS
2013-07-15 00:00:00
exploitpack
exploitpack
Kasseler CMS 2 r1223 - Multiple Vulnerabilities
2013-07-05 00:00:00
packetstorm
packetstorm
Kasseler CMS 2 r1223 CSRF / XSS / SQL Injection
2013-07-03 00:00:00
exploitdb
exploitdb
Kasseler CMS 2 r1223 - Multiple Vulnerabilities
2013-07-05 00:00:00
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.2 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
50.0%
Related for NVD:CVE-2013-3728