CVE-2013-7025

Currently unrated

Key Information:

Vendor: Sonicwall
Status: Analyzer; Global Management System
Vendor: CVE Published:; 9 December 2013

Summary

Multiple cross-site scripting (XSS) vulnerabilities in ematStaticAlertTypes.jsp in the Alert Settings section in Dell SonicWALL Global Management System (GMS), Analyzer, and UMA EM5000 7.1 SP1 before Hotfix 134235 allow remote authenticated users to inject arbitrary web script or HTML via the (1) valfield_1 or (2) value_1 parameter to createNewThreshold.jsp.

References

http://archives.neohapsis.com/archives/bugtraq/2013-12/00...

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/55923

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/89462

vdb-entryx_refsource_XF

EPSS Score

1% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 9, 2013
Vulnerability Reserved
Dec 8, 2013

Collectors

NVD DatabaseMitre Database