Description
Cross-site scripting (XSS) vulnerability in Ushahidi Platform 2.5.x through 2.6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References (5)
Core 5
Core References
Issue Tracking x_refsource_confirm
https://github.com/ushahidi/Ushahidi_Web/issues/1009
Issue Tracking x_refsource_confirm
https://github.com/ushahidi/Ushahidi_Web/pull/1056
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/59410
Exploit, Patch x_refsource_misc
https://github.com/rjmackay/Ushahidi_Web/commit/593719ff805a302e3ab2f2e535c875f90a04ea56
Patch, Vendor Advisory x_refsource_confirm
https://wiki.ushahidi.com/display/WIKI/1+May+2013+-+CVE-2013-2025
Scores
EPSS
0.0192
EPSS Percentile
77.3%
Details
CWE
CWE-79
Status
published
Products (3)
ushahidi/ushahidi_platform
2.5
ushahidi/ushahidi_platform
2.6
ushahidi/ushahidi_platform
2.6.1
Published
Apr 25, 2014
Tracked Since
Feb 18, 2026