Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2013-3484

Multiple cross-site scripting (XSS) vulnerabilities in dotCMS before 2.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) _loginUserName parameter to application/login/login.html, (2) my_account_login parameter to c/portal_public/login, or (3) email parameter to forgotPassword.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.6%
CVSS Severity
CVSS v2 Score 4.3
Products affected by CVE-2013-3484
  • Dotcms » Dotcms » Version: 1.9
    cpe:2.3:a:dotcms:dotcms:1.9
  • Dotcms » Dotcms » Version: 1.9.2.1
    cpe:2.3:a:dotcms:dotcms:1.9.2.1
  • Dotcms » Dotcms » Version: 1.9.5.1
    cpe:2.3:a:dotcms:dotcms:1.9.5.1
  • Dotcms » Dotcms » Version: 2.0
    cpe:2.3:a:dotcms:dotcms:2.0
  • Dotcms » Dotcms » Version: 2.0.1
    cpe:2.3:a:dotcms:dotcms:2.0.1
  • Dotcms » Dotcms » Version: 2.1
    cpe:2.3:a:dotcms:dotcms:2.1
  • Dotcms » Dotcms » Version: 2.1.1
    cpe:2.3:a:dotcms:dotcms:2.1.1
  • Dotcms » Dotcms » Version: 2.2
    cpe:2.3:a:dotcms:dotcms:2.2
  • Dotcms » Dotcms » Version: 2.2.1
    cpe:2.3:a:dotcms:dotcms:2.2.1
  • Dotcms » Dotcms » Version: 2.3
    cpe:2.3:a:dotcms:dotcms:2.3
  • Dotcms » Dotcms » Version: 2.3.1
    cpe:2.3:a:dotcms:dotcms:2.3.1


Products
Pricing
Contact Us

Shodan ® - All rights reserved