Multiple Cross-Site Scripting Vulnerabilities in Apache CloudStack
CVE-2013-2136

Currently unrated

Key Information:

Vendor

Apache
Status
Cloudstack
Vendor
CVE Published:
19 August 2013

What is CVE-2013-2136?

Multiple cross-site scripting vulnerabilities exist in Apache CloudStack prior to version 4.1.1, enabling remote attackers to inject malicious web scripts or HTML content. These vulnerabilities can be exploited through various components, including the Physical network name in the Zone wizard, the New network name, Instance names, and groups in the Instance wizard. Furthermore, unspecified fields in multi-edit and list view edits related to global settings are also vulnerable. This highlights significant security risks associated with manipulation of user inputs, which could lead to unauthorized actions or leakage of sensitive data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/86258
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/61638
vdb-entryx_refsource_BID
http://osvdb.org/96078
vdb-entryx_refsource_OSVDB

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.