Multiple XSS Vulnerabilities in Alcatel-Lucent Omnitouch Products
CVE-2013-4653

Currently unrated

Key Information:

Vendor

Alcatel-lucent

Status
Omnitouch 8670 Automated Delivery Message Delivery System
Omnitouch 8660 My Teamwork
Omnitouch 8400 Instant Communications Suite
Omnitouch 8460 Advanced Communication Server
Vendor
CVE Published:
20 August 2013

What is CVE-2013-4653?

The signin functionality of the Omnitouch series from Alcatel-Lucent is subject to multiple cross-site scripting vulnerabilities. Remotely located attackers can exploit these weaknesses by injecting arbitrary web script or HTML into the application through crafted URLs. This exploitation can lead to reflected XSS attacks. In addition, user-assisted methods may allow attackers to introduce malicious scripts via users' personal bookmark entries, leading to stored XSS vulnerabilities. It is essential for users of affected versions to take comprehensive security measures to mitigate these risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://osvdb.org/94811
vdb-entryx_refsource_OSVDB
https://exchange.xforce.ibmcloud.com/vulnerabilities/85382
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/60902
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.