CVE-2013-3288
RSA Data Protection Manager Appliance 3.2.x-3.2.4.1 and 3.5.x-3.5.0 - Cross-Site Scripting via Crafted URL
Title source: llmDescription
Cross-site scripting (XSS) vulnerability on the EMC RSA Data Protection Manager (DPM) appliance 3.2.x before 3.2.4.2 and 3.5.x before 3.5.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
References (1)
Core 1
Core References
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html
Scores
EPSS
0.0022
EPSS Percentile
45.2%
Details
CWE
CWE-79
Status
published
Products (6)
emc/rsa_data_protection_manager_appliance
3.2
emc/rsa_data_protection_manager_appliance
3.2.1
emc/rsa_data_protection_manager_appliance
3.2.2
emc/rsa_data_protection_manager_appliance
3.2.3
emc/rsa_data_protection_manager_appliance
3.2.4.1
emc/rsa_data_protection_manager_appliance
3.5
Published
Nov 22, 2013
Tracked Since
Feb 18, 2026