What is CVE-2013-0942?

CVE-2013-0942 is a vulnerability in Apache Http_server, classified under Cross-site Scripting. Published 2013-05-22.

Is CVE-2013-0942 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

XSS in Apache Http_server

CVE-2013-0942

Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Agent 7.1 before 7.1.1 for Web for Internet Information Services, and 7.1 before 7.1.1 for Web for Apache, allows remote attackers to inject arbitrary web script or HTML vi…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.005 (66.2th percentile) — read the EPSS interpretation.

Affected products

Apache Http_server
Emc Rsa_authentication_agent — versions 7.1
Microsoft Internet_information_server
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

Public proof-of-concept exploits

References

20130510 ESA-2013-031: RSA Authentication Agent Cross-Site Scripting (XSS) Vulnerability (mailing-list, x_refsource_BUGTRAQ)

Frequently asked questions

What is CVE-2013-0942?: CVE-2013-0942 is a vulnerability in Apache Http_server, classified under Cross-site Scripting. Published 2013-05-22.
Is CVE-2013-0942 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.