What is the severity of CVE-2013-6910?

CVE-2013-6910 is classified as a high-severity vulnerability due to its potential for enabling cross-site scripting attacks.

How do I fix CVE-2013-6910?

To fix CVE-2013-6910, you should upgrade Cybozu Garoon to version 3.7.0 or later, which addresses the XSS vulnerability.

What types of attacks can exploit CVE-2013-6910?

CVE-2013-6910 can be exploited to perform cross-site scripting attacks, allowing attackers to inject arbitrary web scripts or HTML.

Which versions of Cybozu Garoon are affected by CVE-2013-6910?

CVE-2013-6910 affects multiple versions of Cybozu Garoon prior to 3.7.0, including 3.5 and earlier versions.

Are there any known exploits for CVE-2013-6910?

While specific exploits for CVE-2013-6910 have not been publicly disclosed, the nature of XSS vulnerabilities typically allows attackers to execute malicious scripts.

Vulnerability/
CVE-2013-6910

medium

4.3

CWE

5/12/2013

6/8/2024

CVE-2013-6910: XSS

First published: Thu Dec 05 2013(Updated: )

Cross-site scripting (XSS) vulnerability in Ajax components in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Credit: vultures@jpcert.or.jp

Affected Software	Affected Version	How to fix
Cybozu Garoon	<=3.5
Cybozu Garoon	=2.0-sp1
Cybozu Garoon	=2.0-sp2
Cybozu Garoon	=2.0-sp3
Cybozu Garoon	=2.0-sp4
Cybozu Garoon	=2.0-sp5
Cybozu Garoon	=2.0-sp6
Cybozu Garoon	=2.1
Cybozu Garoon	=2.1-sp1
Cybozu Garoon	=2.1-sp2
Cybozu Garoon	=2.1-sp3
Cybozu Garoon	=2.5
Cybozu Garoon	=2.5-sp1
Cybozu Garoon	=2.5-sp2
Cybozu Garoon	=2.5-sp3
Cybozu Garoon	=2.5-sp4
Cybozu Garoon	=3.0
Cybozu Garoon	=3.0-sp1
Cybozu Garoon	=3.0-sp2
Cybozu Garoon	=3.0-sp3
Cybozu Garoon	=3.1
Cybozu Garoon	=3.1-sp1
Cybozu Garoon	=3.1-sp2
Cybozu Garoon	=3.1-sp3
Cybozu Garoon	=3.5
Cybozu Garoon	=3.5-sp1
Cybozu Garoon	=3.5-sp2
Cybozu Garoon	=3.5-sp3
Cybozu Garoon	=3.5-sp4

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-6910?
CVE-2013-6910 is classified as a high-severity vulnerability due to its potential for enabling cross-site scripting attacks.
How do I fix CVE-2013-6910?
To fix CVE-2013-6910, you should upgrade Cybozu Garoon to version 3.7.0 or later, which addresses the XSS vulnerability.
What types of attacks can exploit CVE-2013-6910?
CVE-2013-6910 can be exploited to perform cross-site scripting attacks, allowing attackers to inject arbitrary web scripts or HTML.
Which versions of Cybozu Garoon are affected by CVE-2013-6910?
CVE-2013-6910 affects multiple versions of Cybozu Garoon prior to 3.7.0, including 3.5 and earlier versions.
Are there any known exploits for CVE-2013-6910?
While specific exploits for CVE-2013-6910 have not been publicly disclosed, the nature of XSS vulnerabilities typically allows attackers to execute malicious scripts.

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/author
agent/weakness
agent/first-publish-date
agent/tags
agent/event
agent/description
agent/source
vendor/cybozu
canonical/cybozu garoon
version/cybozu garoon/3.5
version/cybozu garoon/2.0-sp1
version/cybozu garoon/2.0-sp2
version/cybozu garoon/2.0-sp3
version/cybozu garoon/2.0-sp4
version/cybozu garoon/2.0-sp5
version/cybozu garoon/2.0-sp6
version/cybozu garoon/2.1
version/cybozu garoon/2.1-sp1
version/cybozu garoon/2.1-sp2
version/cybozu garoon/2.1-sp3
version/cybozu garoon/2.5
version/cybozu garoon/2.5-sp1
version/cybozu garoon/2.5-sp2
version/cybozu garoon/2.5-sp3
version/cybozu garoon/2.5-sp4
version/cybozu garoon/3.0
version/cybozu garoon/3.0-sp1
version/cybozu garoon/3.0-sp2
version/cybozu garoon/3.0-sp3
version/cybozu garoon/3.1
version/cybozu garoon/3.1-sp1
version/cybozu garoon/3.1-sp2
version/cybozu garoon/3.1-sp3
version/cybozu garoon/3.5-sp1
version/cybozu garoon/3.5-sp2
version/cybozu garoon/3.5-sp3
version/cybozu garoon/3.5-sp4