Vulnerability Description
Cross-site scripting (XSS) vulnerability in manage.php in the PBBooking (com_pbbooking) component 2.4 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the an arbitrary parameter in an edit action to administrator/index.php.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Purplebeanie | Com Pbbooking | 2.4 |
| Joomla | Joomla\! | All versions |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/125734Exploit
- http://seclists.org/fulldisclosure/2014/Mar/269Exploit
- http://www.securityfocus.com/bid/66257
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91823
- http://packetstormsecurity.com/files/125734Exploit
- http://seclists.org/fulldisclosure/2014/Mar/269Exploit
- http://www.securityfocus.com/bid/66257
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91823
FAQ
What is CVE-2013-5955?
CVE-2013-5955 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in manage.php in the PBBooking (com_pbbooking) component 2.4 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the an arbitrary pa...
How severe is CVE-2013-5955?
CVE-2013-5955 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-5955?
Check the references section above for vendor advisories and patch information. Affected products include: Purplebeanie Com Pbbooking, Joomla Joomla\!.