CVE-2013-7231

{"id": "CVE-2013-7231", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2013-12-30T04:53:07.427", "references": [{"url": "http://support.esri.com/en/downloads/patches-servicepacks/view/productid/66/metaid/2009", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://support.esri.com/en/knowledgebase/techarticles/detail/41468", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the Mobile Content Server in ESRI ArcGIS for Server 10.1 and 10.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-5222."}, {"lang": "es", "value": "Cross-site scripting (XSS) en el servidor de contenido m\u00f3vil de ESRI ArcGIS Server 10.1 y 10.2 permite a los usuarios remotos autenticados inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2013 a 5222."}], "lastModified": "2024-07-11T18:07:23.630", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:esri:arcgis_server:10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9177A95B-4A0A-42D7-9792-E58CC2207021"}, {"criteria": "cpe:2.3:a:esri:arcgis_server:10.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E93A0EA7-1DCB-465F-A34B-44CC8294EE67"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}