XSS in Gwos Groundwork_monitor
CVE-2013-3501
Multiple cross-site scripting (XSS) vulnerabilities in GroundWork Monitor Enterprise 6.7.0 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) the foundation-webapp/admin/ directory, (2) the NeDi compon…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.013 (67.3th percentile) — read the EPSS interpretation.
Affected products
- Gwos Groundwork_monitor — versions 6.7.0
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (x_refsource_MISC)
- VU#345260 (x_refsource_CERT-VN, US Government Resource, third-party-advisory)