Back to search
CVE-2013-2136
Published: Aug 19, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in Apache CloudStack before 4.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Physical network name to the Zone wizard; (2) New network name, (3) instance name, or (4) group to the Instance wizard; (5) unspecified "multi-edit fields;" and (6) unspecified "list view" edit fields related to global settings.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
apache-cloudstack-cve20132136-xss(86258)
vdb-entry
x_refsource_XF
61638
vdb-entry
x_refsource_BID
96078
vdb-entry
x_refsource_OSVDB
20130806 [CVE-2013-2136] Apache CloudStack Cross-site scripting (XSS) vulnerabiliity
mailing-list
x_refsource_BUGTRAQ
20130807 Updated [CVE-2013-2136] Apache CloudStack Cross-site scripting (XSS) vulnerabiliity
mailing-list
x_refsource_BUGTRAQ
96074
vdb-entry
x_refsource_OSVDB
96076
vdb-entry
x_refsource_OSVDB
https://issues.apache.org/jira/browse/CLOUDSTACK-2936
x_refsource_CONFIRM
96075
vdb-entry
x_refsource_OSVDB
96077
vdb-entry
x_refsource_OSVDB
54399
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now