Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) before 4.3.0 allow remote attackers to inject arbitrary web script or HTML via the withoutmenu parameter to (1) vulnmeter/index.php or (2) vulnmeter/sched.php; the (3) section parameter to av_inventory/task_edit.php; the (4) profile parameter to nfsen/rrdgraph.php; or the (5) scan_server or (6) targets parameter to vulnmeter/simulate.php.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2013-08-15T20:00:00
Updated: 2017-08-28T12:57:01
Reserved: 2013-08-15T00:00:00
Link: CVE-2013-5300
JSON object: View
NVD Information
Status : Modified
Published: 2013-08-15T20:55:03.503
Modified: 2017-08-29T01:33:42.717
Link: CVE-2013-5300
JSON object: View
Redhat Information
No data.
CWE