CVE-2013-7351

Summary

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Shaarli allow remote attackers to inject arbitrary web script or HTML via the URL to the (1) showRSS, (2) showATOM, or (3) showDailyRSS function; a (4) file name to the importFile function; or (5) vectors related to bookmarks.

Affected Software

VendorProductVersion RangeStatus
ShaarliShaarlibefore 53da201749f8f362323ef278bf338f1d9f7a925aaffected

Weaknesses

  • Cross-Site Scripting

ADP Enrichment

CVE Program Container

Additional References

References