Cross-Site Scripting Vulnerability in Microsoft System Center Operations Manager 2007
CVE-2013-0009

Currently unrated

Key Information:

Vendor: Microsoft
Status: System Center Operations Manager
Vendor: CVE Published:; 9 January 2013

What is CVE-2013-0009?

The cross-site scripting vulnerability in Microsoft System Center Operations Manager allows remote attackers to inject arbitrary web scripts or HTML into the web console through specially crafted input. This could potentially lead to unauthorized actions or data exposure if successfully exploited. It is important for organizations using affected versions to apply necessary security updates and implement best practices to mitigate the risks associated with this vulnerability.

References

http://www.us-cert.gov/cas/techalerts/TA13-008A.html

third-party-advisoryx_refsource_CERT

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

24% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 9, 2013
Vulnerability Reserved
Nov 27, 2012