| |
Vulnerability CVE-2013-6111
Published: 2013-11-02 Modified: 2013-11-03
Description: |
Cross-site scripting (XSS) vulnerability in the mod_pagespeed module 0.x, 1.0.22.7, 1.1.x, 1.24.1, 1.3.25.1 through 1.3.25.4, 1.4.26.1 through 1.4.26.4, 1.5.27.1 through 1.5.27.3, and 1.6.29.1 through 1.6.29.6 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
CVSS2 => (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4.3/10 |
2.9/10 |
8.6/10 |
Exploit range |
Attack complexity |
Authentication |
Remote |
Medium |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
None |
Partial |
None |
References: |
https://groups.google.com/d/msg/mod-pagespeed-announce/oo015UHRxMc/JcAuf1hE8L8J
http://www.securitytracker.com/id/1029262
http://osvdb.org/99081
|
|
|
closedb();
?>
Copyright 2024, cxsecurity.com
|
|
|