Home

CVE-2013-2137

Description

Cross-site scripting (XSS) vulnerability in the View Log screen in the Webtools application in Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05, 11.04.01 through 11.04.02, and 12.04.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Risk Information

Base Score
4.7
MODERATE
Vector
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
EPSS Score
Exploitation Probability
3.806

Associated Vulnerability

No records found

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234