NVD

Id
41979  
Name
CVE-2013-7241  
Description
Cross-site scripting (XSS) vulnerability in the export function in zp-core/zp-extensions/mergedRSS.php in Zenphoto before 1.4.5.4 allows remote attackers to inject arbitrary web script or HTML via the URI.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-18  
Published
2013-12-31  
Modified Date
2016-12-30  
Seq
2013-7241  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
211871 41979 CVE-2013-7241 [oss-security] 20131230 CVE request: Zenphoto 1.4.5.4  View
211872 41979 CVE-2013-7241 [oss-security] 20131230 Re: CVE request: Zenphoto 1.4.5.4  View
211873 41979 CVE-2013-7241 20131003 [SOJOBO-ADV-13-01] - Zenphoto 1.4.5.2 multiple vulnerabilities  View
211874 41979 CVE-2013-7241 http://www.enkomio.com/Advisory/SOJOBO-ADV-13-01  View
211875 41979 CVE-2013-7241 62815  View
211876 41979 CVE-2013-7241 http://www.zenphoto.org/news/zenphoto-1.4.5.4  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
24176 JVNDB-2013-005751 Zenphoto の zp-core/zp-extensions/mergedRSS.php 内の export 関数におけるクロスサイトスクリプティングの脆弱性 Zenphoto の zp-core/zp-extensions/mergedRSS.php 内の export 関数には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2013-7241 67183 CVE-2013-7241 41979 4.3 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-005751.html 2013-10-01 2014-01-07 View