CVE-2013-1823: XSS
First published: Wed Mar 06 2013(Updated: )
Cross-site scripting (XSS) vulnerability in the Notifications form in Red Hat Subscription Asset Manager before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the username field.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat Subscription Asset Manager | <=1.2.0 | |
| Red Hat Subscription Asset Manager | =1.0.0 | |
| Red Hat Subscription Asset Manager | =1.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2013-1823?
CVE-2013-1823 is classified as a moderate severity cross-site scripting (XSS) vulnerability.
How do I fix CVE-2013-1823?
To fix CVE-2013-1823, upgrade Red Hat Subscription Asset Manager to version 1.2.1 or later.
What software is affected by CVE-2013-1823?
CVE-2013-1823 affects Red Hat Subscription Asset Manager versions up to and including 1.2.0.
What type of vulnerability is CVE-2013-1823?
CVE-2013-1823 is a cross-site scripting (XSS) vulnerability.
Who reported the CVE-2013-1823 vulnerability?
CVE-2013-1823 was reported by Suresh Thiru (sthirugn) of Red Hat.
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/author
- agent/last-modified-date
- agent/description
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2013-1823
- agent/trending
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/redhat
- canonical/red hat subscription asset manager
- version/red hat subscription asset manager/1.2.0
- version/red hat subscription asset manager/1.0.0
- version/red hat subscription asset manager/1.1.0