CVE-2013-4372
N/A
N/A
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Fuse Management Console in Red Hat JBoss Fuse 6.0.0 before patch 3 and JBoss A-MQ 6.0.0 before patch 3 allow remote attackers to inject arbitrary web script or HTML via the (1) user field in the create user page or (2) profile version to the create profile page.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://rhn.redhat.com/errata/RHSA-2013-1862.html
- http://www.securityfocus.com/bid/62659
- http://fusesource.com/issues/browse/FMC-495
- http://rhn.redhat.com/errata/RHSA-2013-1286.html
- http://fusesource.com/forge/git/fuseenterprise.git/?p=fuseenterprise.git%3Ba=commitdiff%3Bh=f5436ea1c5547c851bb6f92561272fe42c146e68
- https://bugzilla.redhat.com/show_bug.cgi?id=1011736
- https://github.com/jboss-fuse/fuse/commit/e280cb370323eeb759030919d5111ed809e8ded5
References
- http://rhn.redhat.com/errata/RHSA-2013-1862.html
- http://www.securityfocus.com/bid/62659
- http://fusesource.com/issues/browse/FMC-495
- http://rhn.redhat.com/errata/RHSA-2013-1286.html
- http://fusesource.com/forge/git/fuseenterprise.git/?p=fuseenterprise.git%3Ba=commitdiff%3Bh=f5436ea1c5547c851bb6f92561272fe42c146e68
- https://bugzilla.redhat.com/show_bug.cgi?id=1011736
- https://github.com/jboss-fuse/fuse/commit/e280cb370323eeb759030919d5111ed809e8ded5
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.