CVE-2013-3501

Name of the Vulnerable Software and Affected Versions GroundWork Monitor Enterprise version 6.7.0

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The vulnerabilities are related to vectors involving the foundation-webapp/admin/ directory, the NeDi component, or the Noma component.

Recommendations For GroundWork Monitor Enterprise version 6.7.0, update to a version that addresses these XSS vulnerabilities. As a temporary workaround, consider restricting access to the foundation-webapp/admin/ directory, as well as the NeDi and Noma components, to minimize the risk of exploitation. Avoid using these components until the issue is resolved.