Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-6047

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2013-6047
Last Modified 27 Jul 2015 12:10:43
Published 25 Feb 2014 10:55:07
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2013-6047

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the site creation interface in ikiwiki-hosting before 0.20131025 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Application

  • Ikiwiki Hosting Project Ikiwiki Hosting 0.20110401

  • Ikiwiki Hosting Project Ikiwiki Hosting 0.20110420

  • Ikiwiki Hosting Project Ikiwiki Hosting 0.20110424

  • Ikiwiki Hosting Project Ikiwiki Hosting 0.20110515

  • Ikiwiki Hosting Project Ikiwiki Hosting 0.20110608

  • Ikiwiki Hosting Project Ikiwiki Hosting 0.20110926

  • Ikiwiki Hosting Project Ikiwiki Hosting 0.20111005

  • Ikiwiki Hosting Project Ikiwiki Hosting 0.20120125

  • Ikiwiki Hosting Project Ikiwiki Hosting 0.20120131

  • Ikiwiki Hosting Project Ikiwiki Hosting 0.20120425

  • Ikiwiki Hosting Project Ikiwiki Hosting 0.20120526

  • Ikiwiki Hosting Project Ikiwiki Hosting 0.20120527

  • Ikiwiki Hosting Project Ikiwiki Hosting 0.20130504

  • Ikiwiki Hosting Project Ikiwiki Hosting 0.20130926


References

XF - ikiwikihosting-cve20136047-xss(88334)

MLIST - [oss-security] 20131026 [Notification] CVE-2013-6047: ikiwiki-hosting: XSS in site creation interface

MLIST - [debian-devel-changes] 20131025 Accepted ikiwiki-hosting 0.20131025 (source all amd64)

OSVDB - 99012


Last Updated: 27 May 2016 10:55:15