NVD

Id
38627  
Name
CVE-2013-2671  
Description
Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware L (1.10) allow remote attackers to inject arbitrary web script or HTML via the (1) id or (2) val parameter to admin/admin_main.html; (3) id, (4) val, or (5) arbitrary parameter name (QUERY_STRING) to admin/profile_settings_net.html; or (6) kind or (7) arbitrary parameter name (QUERY_STRING) to fax/general_setup.html, a different vulnerability than CVE-2013-2507 and CVE-2013-2670.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-18  
Published
2014-03-14  
Modified Date
2014-03-25  
Seq
2013-2671  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
198074 38627 CVE-2013-2671 http://packetstormsecurity.com/files/121553/Brother-MFC-9970CDW-Firmware-0D-Cross-Site-Scripting.html  View
198075 38627 CVE-2013-2671 http://www.cloudscan.me/2013/05/xss-javascript-injection-brother-mfc.html  View
198076 38627 CVE-2013-2671 brothermfc9970cdw-cve20132671-xss(84093)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
24619 JVNDB-2013-006194 Brother MFC-9970CDW プリンタのファームウェアにおけるクロスサイトスクリプティングの脆弱性 Brother MFC-9970CDW プリンタのファームウェアには、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2013-2671 62613 CVE-2013-2671 38627 4.3 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-006194.html 2013-05-06 2014-03-18 View