What is CVE-2019-13345?

CVE-2019-13345 is a vulnerability in N/a. Published 2019-07-05.

Is CVE-2019-13345 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

CVE-2019-13345

The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.

EPSS: 0.745 (99.4th percentile) — read the EPSS interpretation.

github.com/squid-cache/squid/pull/429 (x_refsource_MISC)
bugs.squid-cache.org/show_bug.cgi (x_refsource_MISC)
[debian-lts-announce] 20190707 [SECURITY] [DLA 1847-1] squid3 security update (mailing-list, x_refsource_MLIST)
USN-4059-1 (vendor-advisory, x_refsource_UBUNTU)
USN-4059-2 (vendor-advisory, x_refsource_UBUNTU)
109095 (vdb-entry, x_refsource_BID)
FEDORA-2019-c1e06901bc (vendor-advisory, x_refsource_FEDORA)
FEDORA-2019-cb50bcc189 (vendor-advisory, x_refsource_FEDORA)
openSUSE-SU-2019:1963 (vendor-advisory, x_refsource_SUSE)
DSA-4507 (vendor-advisory, x_refsource_DEBIAN)

What is CVE-2019-13345?: CVE-2019-13345 is a vulnerability in N/a. Published 2019-07-05.
Is CVE-2019-13345 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.