Multiple cross-site scripting (XSS) vulnerabilities in Apache CloudStack before 4.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Physical network name to the Zone wizard; (2) New network name, (3) instance name, or (4) group to the Instance wizard; (5) unspecified "multi-edit fields;" and (6) unspecified "list view" edit fields related to global settings.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2013-08-19T23:00:00

Updated: 2024-08-06T15:27:40.784Z

Reserved: 2013-02-19T00:00:00

Link: CVE-2013-2136

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2013-08-19T23:55:08.333

Modified: 2017-08-29T01:33:14.463

Link: CVE-2013-2136

cve-icon Redhat

No data.