Vulnerability Details CVE-2013-5695
Multiple cross-site scripting (XSS) vulnerabilities in Opsview before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/auditlog/, (2) PATH_INFO to info/host/ or (3) viewport/, (4) back parameter to login, or (5) "from" parameter to status/service/recheck.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.2%
CVSS Severity
CVSS v2 Score 4.3
References
Products affected by CVE-2013-5695
-
cpe:2.3:a:opsview:opsview:2.10
-
cpe:2.3:a:opsview:opsview:2.12
-
cpe:2.3:a:opsview:opsview:2.14
-
cpe:2.3:a:opsview:opsview:2.7
-
cpe:2.3:a:opsview:opsview:2.8
-
cpe:2.3:a:opsview:opsview:3.0
-
cpe:2.3:a:opsview:opsview:3.1
-
cpe:2.3:a:opsview:opsview:3.10
-
cpe:2.3:a:opsview:opsview:3.12
-
cpe:2.3:a:opsview:opsview:3.14
-
cpe:2.3:a:opsview:opsview:3.2
-
cpe:2.3:a:opsview:opsview:3.4
-
cpe:2.3:a:opsview:opsview:3.6
-
cpe:2.3:a:opsview:opsview:3.8
-
cpe:2.3:a:opsview:opsview:4.0
-
cpe:2.3:a:opsview:opsview:4.1
-
cpe:2.3:a:opsview:opsview:4.2
-
cpe:2.3:a:opsview:opsview:4.3
-
cpe:2.3:a:opsview:opsview:4.4