CVE-2013-7025: XSS
First published: Mon Dec 09 2013(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in ematStaticAlertTypes.jsp in the Alert Settings section in Dell SonicWALL Global Management System (GMS), Analyzer, and UMA EM5000 7.1 SP1 before Hotfix 134235 allow remote authenticated users to inject arbitrary web script or HTML via the (1) valfield_1 or (2) value_1 parameter to createNewThreshold.jsp.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SonicWALL Analyzer | =7.0 | |
| SonicWALL Analyzer | =7.1 | |
| SonicWALL Analyzer | =7.1-sp1 | |
| SonicWALL Global Management System | =7.0 | |
| SonicWALL Global Management System | =7.1 | |
| SonicWALL Global Management System | =7.1-sp1 | |
| Sonicwall Uma E5000 Firmware | =7.0 | |
| Sonicwall Uma E5000 Firmware | =7.1 | |
| Sonicwall Uma E5000 Firmware | =7.1-sp1 | |
| SonicWALL UMA E5000 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://archives.neohapsis.com/archives/bugtraq/2013-12/0022.html
- http://osvdb.org/100610
- http://seclists.org/fulldisclosure/2013/Dec/32
- http://secunia.com/advisories/55923
- http://www.exploit-db.com/exploits/30054
- http://www.securityfocus.com/bid/64103
- http://www.securitytracker.com/id/1029433
- http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_Hotfix_134235.pdf
- http://www.vulnerability-lab.com/get_content.php?id=1099
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89462
- collector/nvd-index
- agent/severity
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/description
- agent/weakness
- agent/type
- agent/references
- agent/event
- agent/tags
- agent/author
- collector/mitre-cve
- source/MITRE
- vendor/sonicwall
- canonical/sonicwall analyzer
- version/sonicwall analyzer/7.0
- version/sonicwall analyzer/7.1
- version/sonicwall analyzer/7.1-sp1
- canonical/sonicwall global management system
- version/sonicwall global management system/7.0
- version/sonicwall global management system/7.1
- version/sonicwall global management system/7.1-sp1
- canonical/sonicwall uma e5000 firmware
- version/sonicwall uma e5000 firmware/7.0
- version/sonicwall uma e5000 firmware/7.1
- version/sonicwall uma e5000 firmware/7.1-sp1
- canonical/sonicwall uma e5000