CVE-2013-2181

Monkey - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in the Directory Listing plugin in Monkey HTTP Daemon (monkeyd) 1.2.2 allows attackers to inject arbitrary web script or HTML via a file name.

References (2)

[Exploit] http://bugs.monkey-project.com/ticket/185

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1028670

Scores

EPSS 0.0025

EPSS Percentile 48.2%

Details

CWE

CWE-79

Status published

Products (2)

monkey-project/monkey

n/a/n/a

Published Jul 29, 2013

Tracked Since Feb 18, 2026