Cross site scripting

2013-12-2023:55:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.9%

JSON

Cross-site scripting (XSS) vulnerability in KBKP Software HostBill before 2013-12-14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CPENameOperatorVersion
hostbilleq4.8.0
hostbilleq4.7.0
hostbilleq18102013.0.0
hostbilleq4.8.2
hostbilleq4.7.2
hostbilleq4.7.4
hostbilleq6122013.0.0
hostbilleq4.8.4
hostbilleq25102013.0.0
hostbilleq4.7.8

Name	Operator	Version
hostbill	eq	4.8.0
hostbill	eq	4.7.0
hostbill	eq	18102013.0.0
hostbill	eq	4.8.2
hostbill	eq	4.7.2
hostbill	eq	4.7.4
hostbill	eq	6122013.0.0
hostbill	eq	4.8.4
hostbill	eq	25102013.0.0
hostbill	eq	4.7.8

Rows per page:

1-10 of 251

References

extras.hostbillapp.com/security-advisory-hostbill-version-2013-12-14/

hostbillapp.com/changelog

osvdb.org/101030

secunia.com/advisories/56124

blog.rack911.com/security-advisories/hostbill-xss-admin-hijack-security-vulnerability-r911-0099

exchange.xforce.ibmcloud.com/vulnerabilities/89750