{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-12-14T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in KBKP Software HostBill before 2013-12-14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "56124", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/56124"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://extras.hostbillapp.com/security-advisory-hostbill-version-2013-12-14/"}, {"name": "101030", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/101030"}, {"name": "hostbill-unspecified-xss(89750)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89750"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://hostbillapp.com/changelog"}, {"tags": ["x_refsource_MISC"], "url": "https://blog.rack911.com/security-advisories/hostbill-xss-admin-hijack-security-vulnerability-r911-0099"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-7188", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in KBKP Software HostBill before 2013-12-14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "56124", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56124"}, {"name": "http://extras.hostbillapp.com/security-advisory-hostbill-version-2013-12-14/", "refsource": "CONFIRM", "url": "http://extras.hostbillapp.com/security-advisory-hostbill-version-2013-12-14/"}, {"name": "101030", "refsource": "OSVDB", "url": "http://osvdb.org/101030"}, {"name": "hostbill-unspecified-xss(89750)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89750"}, {"name": "http://hostbillapp.com/changelog", "refsource": "CONFIRM", "url": "http://hostbillapp.com/changelog"}, {"name": "https://blog.rack911.com/security-advisories/hostbill-xss-admin-hijack-security-vulnerability-r911-0099", "refsource": "MISC", "url": "https://blog.rack911.com/security-advisories/hostbill-xss-admin-hijack-security-vulnerability-r911-0099"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T18:01:19.591Z"}, "title": "CVE Program Container", "references": [{"name": "56124", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/56124"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://extras.hostbillapp.com/security-advisory-hostbill-version-2013-12-14/"}, {"name": "101030", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/101030"}, {"name": "hostbill-unspecified-xss(89750)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89750"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://hostbillapp.com/changelog"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://blog.rack911.com/security-advisories/hostbill-xss-admin-hijack-security-vulnerability-r911-0099"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-7188", "datePublished": "2013-12-20T23:00:00.000Z", "dateReserved": "2013-12-20T00:00:00.000Z", "dateUpdated": "2024-08-06T18:01:19.591Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hostbillapp:hostbill:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A103A21-A1BC-4576-AED4-6C5AF3A16908", "versionEndIncluding": "13-12-2013", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:02-08-2013:*:*:*:*:*:*:*", "matchCriteriaId": "C8D36534-5D58-428F-84DF-F6D04FACC466", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:04-11-2013:*:*:*:*:*:*:*", "matchCriteriaId": "8523E3D4-AEA8-48B1-A803-BFA4E8521661", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:4.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8726F2AB-A981-45F5-8652-9DE160D6D287", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:4.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "1A5404D8-E2C1-4CB8-B0E5-0378E181C55F", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:4.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "7F877F8B-089D-44C2-AA33-FE1C262BE829", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:4.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "8D327A52-1B81-4B84-8426-24DFC6565A62", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:4.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "358095FE-D258-44AF-97DF-B5DF0DC3FD65", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:4.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "2A62EB14-66E7-4E57-A7DB-08E6D20AA5E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:4.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "9299A3FE-1863-4901-9C66-4E55AC41AD55", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:4.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "E4DBD775-3246-40F3-A2E5-8B80260FB787", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:4.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "9CDE2CED-9926-4223-B511-FFDAA11F1F4E", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:4.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "B20CFD6D-E432-4830-8E0D-E52E1DCCF5BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:4.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9AE0464E-A952-4007-BAB9-28512D300C74", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:4.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "C8A53DD5-63C4-4383-ACFB-1FD18FC64620", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:4.9.8:*:*:*:*:*:*:*", "matchCriteriaId": "6082732B-E017-45F6-8B39-CED62D5C6156", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:06-11-2013:*:*:*:*:*:*:*", "matchCriteriaId": "88A79F09-A5F2-4F02-8495-EFB6A6DEC6F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:06-12-2013:*:*:*:*:*:*:*", "matchCriteriaId": "17698694-D32F-4C2C-A075-1756867383F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:08-11-2013:*:*:*:*:*:*:*", "matchCriteriaId": "F5AF3BBC-DB0C-430B-9280-2EA6980B5D16", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:15-11-2013:*:*:*:*:*:*:*", "matchCriteriaId": "EE0F11A7-63B8-456F-822A-7B29F40D096C", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:18-10-2013:*:*:*:*:*:*:*", "matchCriteriaId": "DB7FD83B-860F-4A35-B2D4-F8863A799F8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:19-11-2013:*:*:*:*:*:*:*", "matchCriteriaId": "5D98B74C-BA50-41DF-A04A-888F1A090AAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:22-11-2013:*:*:*:*:*:*:*", "matchCriteriaId": "21AA115C-90DC-4B3A-84B5-ADD8C37CC4F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:25-10-2013:*:*:*:*:*:*:*", "matchCriteriaId": "1296BCE4-D0D6-4C33-B4DA-C19E9F3160B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:hostbillapp:hostbill:29-11-2013:*:*:*:*:*:*:*", "matchCriteriaId": "2E2E4B57-F379-408A-89BB-9D01623D28C5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in KBKP Software HostBill before 2013-12-14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad corss-site scripting (XSS) en KBKP Software Hostbill anteriores a 2013-12-14 permite a atacantes remotos inyectar script web o HTML de forma arbitraria a trav\u00e9s de vectores no especificados."}], "id": "CVE-2013-7188", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2013-12-20T23:55:18.963", "references": [{"source": "cve@mitre.org", "url": "http://extras.hostbillapp.com/security-advisory-hostbill-version-2013-12-14/"}, {"source": "cve@mitre.org", "url": "http://hostbillapp.com/changelog"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/101030"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/56124"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://blog.rack911.com/security-advisories/hostbill-xss-admin-hijack-security-vulnerability-r911-0099"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89750"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://extras.hostbillapp.com/security-advisory-hostbill-version-2013-12-14/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://hostbillapp.com/changelog"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/101030"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/56124"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://blog.rack911.com/security-advisories/hostbill-xss-admin-hijack-security-vulnerability-r911-0099"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89750"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}