CVE-2013-4414

Redhat Enterprise Mrg - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to inject arbitrary web script or HTML via the "Max allowance" field in the "Set limit" form.

References (3)

[Issue Tracking] http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=998606

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2013-1851.html

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2013-1852.html

Scores

EPSS 0.0030

EPSS Percentile 52.7%

Details

CWE

CWE-79

Status published

Products (2)

redhat/enterprise_mrg

n/a/n/a

Published Dec 23, 2013

Tracked Since Feb 18, 2026