PT-2013-2873 · Novell · Zenworks Configuration Management
Published
2013-06-17
·
Updated
2013-11-07
·
CVE-2013-1097
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Novell ZENworks Configuration Management (ZCM) versions 11.2 through 11.2.3a before Monthly Update 1
Description
A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via vectors involving an onload event.
Recommendations
For versions 11.2 through 11.2.3a before Monthly Update 1, update to a version that includes the Monthly Update 1 or later to resolve the issue.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Zenworks Configuration Management