CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-5099

Cross-site scripting (XSS) vulnerability in article.php in Anchor CMS 0.9.1, when comments are enabled, allows remote attackers to inject arbitrary web script or HTML via the Name field. NOTE: some sources have reported that comments.php is vulnerable, but certain functions from comments.php are used by article.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.028

EPSS Ranking 85.5%

CVSS Severity

CVSS v2 Score 2.6

References

http://www.exploit-db.com/exploits/26958
http://www.securityfocus.com/bid/61376
https://exchange.xforce.ibmcloud.com/vulnerabilities/85888
http://www.exploit-db.com/exploits/26958
http://www.securityfocus.com/bid/61376
https://exchange.xforce.ibmcloud.com/vulnerabilities/85888

Products affected by CVE-2013-5099

Anchor » Anchor Cms » Version: 0.9.1

cpe:2.3:a:anchor:anchor_cms:0.9.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-5099

Products

Pricing

Contact Us