Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in the site creation interface in ikiwiki-hosting before 0.20131025 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ikiwiki Hosting Project | Ikiwiki Hosting | <= 0.20130926 |
Related Weaknesses (CWE)
References
- http://osvdb.org/99012
- http://packages.qa.debian.org/i/ikiwiki-hosting/news/20131025T224825Z.html
- http://seclists.org/oss-sec/2013/q4/180
- https://exchange.xforce.ibmcloud.com/vulnerabilities/88334
- http://osvdb.org/99012
- http://packages.qa.debian.org/i/ikiwiki-hosting/news/20131025T224825Z.html
- http://seclists.org/oss-sec/2013/q4/180
- https://exchange.xforce.ibmcloud.com/vulnerabilities/88334
FAQ
What is CVE-2013-6047?
CVE-2013-6047 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in the site creation interface in ikiwiki-hosting before 0.20131025 allow remote attackers to inject arbitrary web script or HTML via unspecified ve...
How severe is CVE-2013-6047?
CVE-2013-6047 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-6047?
Check the references section above for vendor advisories and patch information. Affected products include: Ikiwiki Hosting Project Ikiwiki Hosting.