CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-4899

Cross-site scripting (XSS) vulnerability in Twilight CMS 5.17 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the gallery/ page.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.4%

CVSS Severity

CVSS v2 Score 4.3

References

http://archives.neohapsis.com/archives/bugtraq/2013-08/0128.html
http://secunia.com/advisories/54404
https://www.htbridge.com/advisory/HTB23166
http://archives.neohapsis.com/archives/bugtraq/2013-08/0128.html
http://secunia.com/advisories/54404
https://www.htbridge.com/advisory/HTB23166

Products affected by CVE-2013-4899

Twilightcms » Twilight Cms » Version: 5.17

cpe:2.3:a:twilightcms:twilight_cms:5.17

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-4899

Products

Pricing

Contact Us