CVE-2013-2299

Advantech Webaccess < 7.0 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in Advantech WebAccess (formerly BroadWin WebAccess) before 7.1 2013.05.30 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Exploits (1)

exploitdb WRITEUP

by SecPod Research · textwebappsasp

https://www.exploit-db.com/exploits/23968

View Code ZIP pw:eip

References (1)

[US Government Resource] http://ics-cert.us-cert.gov/advisories/ICSA-13-225-01

Scores

EPSS 0.0052

EPSS Percentile 66.6%

Details

CWE

CWE-79

Status published

Products (4)

advantech/advantech_webaccess < 7.0

advantech/advantech_webaccess

n/a/n/a

Published Aug 22, 2013

Tracked Since Feb 18, 2026