PT-2013-2873 · Novell · Zenworks Configuration Management
Publicado
2013-06-17
·
Atualizado
2013-11-07
·
CVE-2013-1097
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Novell ZENworks Configuration Management (ZCM) versions 11.2 through 11.2.3a before Monthly Update 1
Description
A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via vectors involving an onload event.
Recommendations
For versions 11.2 through 11.2.3a before Monthly Update 1, update to a version that includes the Monthly Update 1 or later to resolve the issue.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Zenworks Configuration Management