CVE-2013-0009

Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and R2 allows remote attackers to inject arbitrary web script or HTML via crafted input, aka "System Center Operations Manager Web Console XSS Vulnerability," a different vulnerability than CVE-2013-0010.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:system_center_operations_manager:2007:r2:*:*:*:*:*:*
cpe:2.3:a:microsoft:system_center_operations_manager:2007:sp1:*:*:*:*:*:*

History

21 Nov 2024, 01:46

Type Values Removed Values Added
References () http://www.us-cert.gov/cas/techalerts/TA13-008A.html - Third Party Advisory, US Government Resource () http://www.us-cert.gov/cas/techalerts/TA13-008A.html - Third Party Advisory, US Government Resource
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-003 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-003 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15760 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15760 -

Information

Published : 2013-01-09 18:09

Updated : 2024-11-21 01:46


NVD link : CVE-2013-0009

Mitre link : CVE-2013-0009

CVE.ORG link : CVE-2013-0009


JSON object : View

Products Affected

microsoft

  • system_center_operations_manager
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')