Cross-Site Scripting Vulnerabilities in BMC Service Desk Express by BMC Software
CVE-2013-4946

Currently unrated

Key Information:

Vendor

Bmc

Status
Service Desk Express
Vendor
CVE Published:
29 July 2013

What is CVE-2013-4946?

BMC Service Desk Express versions prior to 10.2.1.95 are vulnerable to multiple cross-site scripting (XSS) exploits. Attackers can inject arbitrary web scripts or HTML through unsecured parameters such as SelTab in QV_admin.aspx, CallBack in QV_grid.aspx, and HelpPage in commonhelp.aspx, potentially leading to unauthorized operations or data exposure.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.exploit-db.com/exploits/26806
exploitx_refsource_EXPLOIT-DB
http://archives.neohapsis.com/archives/bugtraq/2013-07/00...
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/61147
vdb-entryx_refsource_BID

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.