Vulnerability CVE-2013-0177

Vulnerability CVE-2013-0177

Published: 2014-01-30

Description:

	Topic	Author	Date
Low	Apache OFBiz Cross-Site Scripting (XSS) Vulnerability	Marcos Garcia	19.01.2013

Type:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
3.5/10	2.9/10	6.8/10

Affected software
Apache -> Open for business project
Apache -> Ofbiz

http://ofbiz.apache.org/download.html#vulnerabilities

http://packetstormsecurity.com/files/119673/Apache-OFBiz-Cross-Site-Scripting.html

http://seclists.org/fulldisclosure/2013/Jan/148

https://exchange.xforce.ibmcloud.com/vulnerabilities/81398

https://fisheye6.atlassian.com/changelog/ofbiz?cs=1432395

https://fisheye6.atlassian.com/changelog/ofbiz?cs=1432850