What is CVE-2013-6786?

CVE-2013-6786 is a vulnerability in Allegrosoft Rompager, classified under Cross-site Scripting. Published 2014-01-16.

Is CVE-2013-6786 known to be exploited?

14 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

XSS in Allegrosoft Rompager

CVE-2013-6786

Cross-site scripting (XSS) vulnerability in Allegro RomPager before 4.51, as used on the ZyXEL P660HW-D1, Huawei MT882, Sitecom WL-174, TP-LINK TD-8816, and D-Link DSL-2640R and DSL-2641R, when the "forbidden author header" protection mech…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.003 (50.6th percentile) — read the EPSS interpretation.

Affected products

Allegrosoft Rompager
Dlink Dsl-2640r
Dlink Dsl-2641r
Huawei Mt882
Sitecom Wl-174
Tp-link Td-8816
Zyxel P-660hw_d1
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

Public proof-of-concept exploits

ARPSyndicate/cvemon
CERT-hr/modified_
antoniovazquezblanco/advisories
cve-search/cve-search
cve-search/cve-search-ng
enthought/cve-search
extremenetworks/cve-search-src
jerfinj/cve-search
miradam/cve-search
pgurudatta/cve-search

References

cve@mitre.org (Exploit, x_refsource_MISC)
99694 (x_refsource_OSVDB, vdb-entry)
cve@mitre.org (Exploit, x_refsource_MISC)

Frequently asked questions

What is CVE-2013-6786?: CVE-2013-6786 is a vulnerability in Allegrosoft Rompager, classified under Cross-site Scripting. Published 2014-01-16.
Is CVE-2013-6786 known to be exploited?: 14 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.