Lucene search

[email protected]NVD:CVE-2013-5308

HistoryAug 16, 2013 - 5:55 p.m.

CVE-2013-5308

2013-08-1617:55:09

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

60.3%

JSON

Cross-site scripting (XSS) vulnerability in the RealURL Management (realurlmanagement) extension 0.3.4 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

Nvd

Node

juralsulekrealurlmanagementRange≤0.3.4

juralsulekrealurlmanagementMatch0.1.0

juralsulekrealurlmanagementMatch0.2.0

juralsulekrealurlmanagementMatch0.2.1

juralsulekrealurlmanagementMatch0.2.2

juralsulekrealurlmanagementMatch0.2.3

juralsulekrealurlmanagementMatch0.3.0

juralsulekrealurlmanagementMatch0.3.2

juralsulekrealurlmanagementMatch0.3.3

AND

typo3typo3Match-

VendorProductVersionCPE
juralsulekrealurlmanagement*cpe:2.3:a:juralsulek:realurlmanagement:*:*:*:*:*:*:*:*
juralsulekrealurlmanagement0.1.0cpe:2.3:a:juralsulek:realurlmanagement:0.1.0:*:*:*:*:*:*:*
juralsulekrealurlmanagement0.2.0cpe:2.3:a:juralsulek:realurlmanagement:0.2.0:*:*:*:*:*:*:*
juralsulekrealurlmanagement0.2.1cpe:2.3:a:juralsulek:realurlmanagement:0.2.1:*:*:*:*:*:*:*
juralsulekrealurlmanagement0.2.2cpe:2.3:a:juralsulek:realurlmanagement:0.2.2:*:*:*:*:*:*:*
juralsulekrealurlmanagement0.2.3cpe:2.3:a:juralsulek:realurlmanagement:0.2.3:*:*:*:*:*:*:*
juralsulekrealurlmanagement0.3.0cpe:2.3:a:juralsulek:realurlmanagement:0.3.0:*:*:*:*:*:*:*
juralsulekrealurlmanagement0.3.2cpe:2.3:a:juralsulek:realurlmanagement:0.3.2:*:*:*:*:*:*:*
juralsulekrealurlmanagement0.3.3cpe:2.3:a:juralsulek:realurlmanagement:0.3.3:*:*:*:*:*:*:*
typo3typo3-cpe:2.3:a:typo3:typo3:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
juralsulek	realurlmanagement	*	cpe:2.3:a:juralsulek:realurlmanagement::::::::
juralsulek	realurlmanagement	0.1.0	cpe:2.3:a:juralsulek:realurlmanagement:0.1.0:::::::*
juralsulek	realurlmanagement	0.2.0	cpe:2.3:a:juralsulek:realurlmanagement:0.2.0:::::::*
juralsulek	realurlmanagement	0.2.1	cpe:2.3:a:juralsulek:realurlmanagement:0.2.1:::::::*
juralsulek	realurlmanagement	0.2.2	cpe:2.3:a:juralsulek:realurlmanagement:0.2.2:::::::*
juralsulek	realurlmanagement	0.2.3	cpe:2.3:a:juralsulek:realurlmanagement:0.2.3:::::::*
juralsulek	realurlmanagement	0.3.0	cpe:2.3:a:juralsulek:realurlmanagement:0.3.0:::::::*
juralsulek	realurlmanagement	0.3.2	cpe:2.3:a:juralsulek:realurlmanagement:0.3.2:::::::*
juralsulek	realurlmanagement	0.3.3	cpe:2.3:a:juralsulek:realurlmanagement:0.3.3:::::::*
typo3	typo3	-	cpe:2.3:a:typo3:typo3:-:::::::*

References

osvdb.org/95958

typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-013

www.securityfocus.com/bid/61654

exchange.xforce.ibmcloud.com/vulnerabilities/86237

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

60.3%

JSON

Related for NVD:CVE-2013-5308

cvelist1 prion1 cve1 typo31