Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2013-5855

Oracle Mojarra 2.2.x before 2.2.6 and 2.1.x before 2.1.28 does not perform appropriate encoding when a (1) <h:outputText> tag or (2) EL expression is used after a scriptor style block, which allows remote attackers to conduct cross-site scripting (XSS) attacks via application-specific vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.028
EPSS Ranking 85.2%
CVSS Severity
CVSS v2 Score 4.3
References
Products affected by CVE-2013-5855
  • Oracle » Mojarra » Version: 2.1.0
    cpe:2.3:a:oracle:mojarra:2.1.0
  • Oracle » Mojarra » Version: 2.1.1
    cpe:2.3:a:oracle:mojarra:2.1.1
  • Oracle » Mojarra » Version: 2.1.10
    cpe:2.3:a:oracle:mojarra:2.1.10
  • Oracle » Mojarra » Version: 2.1.11
    cpe:2.3:a:oracle:mojarra:2.1.11
  • Oracle » Mojarra » Version: 2.1.12
    cpe:2.3:a:oracle:mojarra:2.1.12
  • Oracle » Mojarra » Version: 2.1.13
    cpe:2.3:a:oracle:mojarra:2.1.13
  • Oracle » Mojarra » Version: 2.1.14
    cpe:2.3:a:oracle:mojarra:2.1.14
  • Oracle » Mojarra » Version: 2.1.15
    cpe:2.3:a:oracle:mojarra:2.1.15
  • Oracle » Mojarra » Version: 2.1.16
    cpe:2.3:a:oracle:mojarra:2.1.16
  • Oracle » Mojarra » Version: 2.1.17
    cpe:2.3:a:oracle:mojarra:2.1.17
  • Oracle » Mojarra » Version: 2.1.18
    cpe:2.3:a:oracle:mojarra:2.1.18
  • Oracle » Mojarra » Version: 2.1.19
    cpe:2.3:a:oracle:mojarra:2.1.19
  • Oracle » Mojarra » Version: 2.1.2
    cpe:2.3:a:oracle:mojarra:2.1.2
  • Oracle » Mojarra » Version: 2.1.20
    cpe:2.3:a:oracle:mojarra:2.1.20
  • Oracle » Mojarra » Version: 2.1.21
    cpe:2.3:a:oracle:mojarra:2.1.21
  • Oracle » Mojarra » Version: 2.1.22
    cpe:2.3:a:oracle:mojarra:2.1.22
  • Oracle » Mojarra » Version: 2.1.23
    cpe:2.3:a:oracle:mojarra:2.1.23
  • Oracle » Mojarra » Version: 2.1.24
    cpe:2.3:a:oracle:mojarra:2.1.24
  • Oracle » Mojarra » Version: 2.1.25
    cpe:2.3:a:oracle:mojarra:2.1.25
  • Oracle » Mojarra » Version: 2.1.26
    cpe:2.3:a:oracle:mojarra:2.1.26
  • Oracle » Mojarra » Version: 2.1.27
    cpe:2.3:a:oracle:mojarra:2.1.27
  • Oracle » Mojarra » Version: 2.1.3
    cpe:2.3:a:oracle:mojarra:2.1.3
  • Oracle » Mojarra » Version: 2.1.4
    cpe:2.3:a:oracle:mojarra:2.1.4
  • Oracle » Mojarra » Version: 2.1.5
    cpe:2.3:a:oracle:mojarra:2.1.5
  • Oracle » Mojarra » Version: 2.1.6
    cpe:2.3:a:oracle:mojarra:2.1.6
  • Oracle » Mojarra » Version: 2.1.7
    cpe:2.3:a:oracle:mojarra:2.1.7
  • Oracle » Mojarra » Version: 2.1.8
    cpe:2.3:a:oracle:mojarra:2.1.8
  • Oracle » Mojarra » Version: 2.1.9
    cpe:2.3:a:oracle:mojarra:2.1.9
  • Oracle » Mojarra » Version: 2.2.0
    cpe:2.3:a:oracle:mojarra:2.2.0
  • Oracle » Mojarra » Version: 2.2.1
    cpe:2.3:a:oracle:mojarra:2.2.1
  • Oracle » Mojarra » Version: 2.2.2
    cpe:2.3:a:oracle:mojarra:2.2.2
  • Oracle » Mojarra » Version: 2.2.3
    cpe:2.3:a:oracle:mojarra:2.2.3
  • Oracle » Mojarra » Version: 2.2.4
    cpe:2.3:a:oracle:mojarra:2.2.4
  • Oracle » Mojarra » Version: 2.2.5
    cpe:2.3:a:oracle:mojarra:2.2.5


Products
Pricing
Contact Us

Shodan ® - All rights reserved