Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-1770

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2013-1770
Last Modified 02 Apr 2014 01:00:41
Published 02 Apr 2014 12:05:46
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2013-1770

Summary

Cross-site scripting (XSS) vulnerability in views_view.php in Ganglia Web 3.5.7 allows remote attackers to inject arbitrary web script or HTML via the view_name parameter.

Vulnerable Systems

Application

  • Ganglia-web 3.5.7


References

CONFIRM - https://github.com/ganglia/ganglia-web/commit/552965f33bf79d41ccbec3f1f26840c8bab54ad6

CONFIRM - https://github.com/ganglia/ganglia-web/issues/160

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=892823

XF - ganglia-viewsview-xss(82468)

MLIST - [oss-security] 20130226 Re: CVE request: XSS flaws fixed in ganglia

MLIST - [oss-security] 20130221 Re: CVE request: XSS flaws fixed in ganglia

SECUNIA - 52673


Last Updated: 27 May 2016 11:04:50