CVE-2013-5943
published 2013-09-27CVE-2013-5943: Multiple cross-site scripting (XSS) vulnerabilities in Graphite before 0.9.11 allow remote attackers to inject arbitrary web script or HTML via unspecified…
PriorityP417medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
1.17%
63.5th percentile
Multiple cross-site scripting (XSS) vulnerabilities in Graphite before 0.9.11 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | graphite-web | < graphite-web 0.9.12+debian-1 (bookworm) | graphite-web 0.9.12+debian-1 (bookworm) |
| graphite_project | graphite | <= 0.9.10 | — |
| graphite_project | graphite | — | — |
| graphite_project | graphite | — | — |
| graphite_project | graphite | — | — |
| graphite_project | graphite | — | — |
| graphite_project | graphite | — | — |
| graphite_project | graphite | — | — |
| graphite_project | graphite | — | — |
| graphite_project | graphite | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv4.3MEDIUM
vendor_debian4.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-jqjf-6p78-286m: Multiple cross-site scripting (XSS) vulnerabilities in Graphite before 0
ghsa_unreviewed·2022-05-17
CVE-2013-5943 [MEDIUM] CWE-79 GHSA-jqjf-6p78-286m: Multiple cross-site scripting (XSS) vulnerabilities in Graphite before 0
Multiple cross-site scripting (XSS) vulnerabilities in Graphite before 0.9.11 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
OSV
CVE-2013-5943: Multiple cross-site scripting (XSS) vulnerabilities in Graphite before 0
osv·2013-09-27·CVSS 4.3
CVE-2013-5943 [MEDIUM] CVE-2013-5943: Multiple cross-site scripting (XSS) vulnerabilities in Graphite before 0
Multiple cross-site scripting (XSS) vulnerabilities in Graphite before 0.9.11 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Debian
CVE-2013-5943: graphite-web - Multiple cross-site scripting (XSS) vulnerabilities in Graphite before 0.9.11 al...
vendor_debian·2013·CVSS 4.3
CVE-2013-5943 [MEDIUM] CVE-2013-5943: graphite-web - Multiple cross-site scripting (XSS) vulnerabilities in Graphite before 0.9.11 al...
Multiple cross-site scripting (XSS) vulnerabilities in Graphite before 0.9.11 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Scope: local
bookworm: resolved (fixed in 0.9.12+debian-1)
forky: resolved (fixed in 0.9.12+debian-1)
sid: resolved (fixed in 0.9.12+debian-1)
trixie: resolved (fixed in 0.9.12+debian-1)
No detection rules found.
No public exploits indexed.
2013-09-27
Published