cbcvebase.
CVE-2013-7231
published 2013-12-30

CVE-2013-7231: Cross-site scripting (XSS) vulnerability in the Mobile Content Server in ESRI ArcGIS for Server 10.1 and 10.2 allows remote authenticated users to inject…

PriorityP413low3.5CVSS 2.0
AVNACMAuSCNIPAN
EPSS
1.08%
60.8th percentile
Cross-site scripting (XSS) vulnerability in the Mobile Content Server in ESRI ArcGIS for Server 10.1 and 10.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-5222.

Affected

2 ranges
VendorProductVersion rangeFixed in
esriarcgis_server
esriarcgis_server

CVSS provenance

nvdv2.03.5LOWAV:N/AC:M/Au:S/C:N/I:P/A:N
vendor_redhat2.1LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.