CVE-2013-2583Cross-site Scripting in Appsuite

CWE-79Cross-site Scripting4 documents4 sources
Severity
4.3MEDIUMNVD
EPSS
0.2%
top 54.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
PAMOpen-xchange AppsuiteOpen-xchange Server
Timeline
PublishedSep 5
Latest updateMay 17

Description

Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite and Server before 6.20.7 rev16, 6.22.0 before rev15, 6.22.1 before rev17, 7.0.1 before rev6, and 7.0.2 before rev7 allow remote attackers to inject arbitrary web script or HTML via (1) a javascript: URL, (2) malformed nested SCRIPT elements, (3) a mail signature, or (4) JavaScript code within an image file.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages3 packages

Ubuntupam/pam< 1.1.8-1ubuntu2.1

🔴Vulnerability Details

3
GHSA
GHSA-fwj9-c38f-52p4: Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite and Server before 62022-05-17
OSV
pam vulnerabilities2016-03-16
CVEList
CVE-2013-2583: Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite and Server before 62013-09-05
CVE-2013-2583 — Cross-site Scripting in Appsuite | cvebase