Multiple cross-site scripting (XSS) vulnerabilities in Apache CloudStack before 4.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Physical network name to the Zone wizard; (2) New network name, (3) instance name, or (4) group to the Instance wizard; (5) unspecified "multi-edit fields;" and (6) unspecified "list view" edit fields related to global settings.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2013-08-19T23:00:00
Updated: 2024-08-06T15:27:40.784Z
Reserved: 2013-02-19T00:00:00
Link: CVE-2013-2136
Vulnrichment
No data.
NVD
Status : Modified
Published: 2013-08-19T23:55:08.333
Modified: 2017-08-29T01:33:14.463
Link: CVE-2013-2136
Redhat
No data.