Skip to main content
CVE-2013-6202 MEDIUM This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in HP Service Manager 9.30, 9.31, 9.32, and 9.33 allow remote attackers to hijack the authentication of unspecified victims for requests. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF XSS HP RCE Service Manager
NVD
CVSS 2.0
6.8
EPSS
0.4%
CVE-2013-6657 MEDIUM PATCH This Month

core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests,. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Google XSS Chrome
NVD
CVSS 2.0
6.4
EPSS
0.3%
CVE-2013-6659 MEDIUM PATCH This Month

The SSLClientSocketNSS::Core::OwnAuthCertHandler function in net/socket/ssl_client_socket_nss.cc in Google Chrome before 33.0.1750.117 does not prevent changes to server X.509 certificates during. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Google Chrome
NVD
CVSS 2.0
6.4
EPSS
0.1%
CVE-2013-6656 MEDIUM PATCH This Month

The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, processes POST requests by using the body of a redirecting. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Google XSS Chrome
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-6660 MEDIUM This Month

The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Google Chrome
NVD
CVSS 2.0
5.0
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy