Josh Thompson

1 exploit Active since Feb 2018
CVE-2013-0267 WRITEUP HIGH WRITEUP
Apache VCL 2.1-2.2.1, 2.3-2.3.1 - Privilege Escalation, DoS, and XSS via Improper Data Validation
The Privileges portion of the web GUI and the XMLRPC API in Apache VCL 2.3.x before 2.3.2, 2.2.x before 2.2.2 and 2.1 allow remote authenticated users with nodeAdmin, manageGroup, resourceGrant, or userGrant permissions to gain privileges, cause a denial of service, or conduct cross-site scripting (XSS) attacks by leveraging improper data validation.
CVSS 8.8