CVE-2013-5500: XSS
First published: Fri Sep 20 2013(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in the oraadmin service page in Cisco MediaSense allow remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuj23320, CSCuj23324, CSCuj23333, and CSCuj23338.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco MediaSense |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2013-5500?
CVE-2013-5500 has a medium severity level due to the potential for remote attackers to exploit the vulnerabilities.
How do I fix CVE-2013-5500?
To fix CVE-2013-5500, ensure that you are using the latest version of Cisco MediaSense with all relevant security patches applied.
What systems are affected by CVE-2013-5500?
CVE-2013-5500 affects Cisco MediaSense installations with the oraadmin service page.
Can CVE-2013-5500 lead to data breaches?
Yes, CVE-2013-5500 can allow remote attackers to execute arbitrary scripts, potentially leading to data breaches.
Are there any workarounds for CVE-2013-5500?
As of now, it is recommended to apply the official patches from Cisco rather than relying on workarounds for CVE-2013-5500.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/cisco
- canonical/cisco mediasense