Published: 02/04/2013 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in ZeroClipboard.swf and ZeroClipboard10.swf in ZeroClipboard prior to 1.0.8, as used in em-shorty, RepRapCalculator, Fulcrum, Django, aCMS, and other products, allows remote malicious users to inject arbitrary web script or HTML via the id parameter. NOTE: this is might be the same vulnerability as CVE-2013-1463. If so, it is likely that CVE-2013-1463 will be REJECTed.

Vulnerable Product	Search on Vulmon	Subscribe to Product
zeroclipboard project zeroclipboard
zeroclipboard project zeroclipboard 1.0.5

Debian Bug report logs - #706725 jenkins: multiple security vulnerabilities Package: jenkins; Maintainer for jenkins is (unknown); Reported by: Nobuhiro Ban <bannobuhiro@gmailcom> Date: Fri, 3 May 2013 18:57:02 UTC Severity: grave Tags: security Found in version jenkins/14472+dfsg-3 Fixed in version jenkins/15092+d ...

ZeroClipboardswf as included with multiple themes in WordPress suffers from cross site scripting and path disclosure vulnerabilities ...

CWE-79 http://www.openwall.com/lists/oss-security/2013/03/10/2 http://securityvulns.ru/docs29104.html https://github.com/jonrohan/ZeroClipboard/commit/a0e02933f5f7ce5f364fbad36a005f0a349f0696 https://github.com/jonrohan/ZeroClipboard/blob/master/docs/releases.md#zeroclipboard-108 http://securityvulns.ru/docs29105.html http://www.openwall.com/lists/oss-security/2013/03/03/3 http://www.securityfocus.com/bid/58257 http://www.openwall.com/lists/oss-security/2013/03/25/1 http://www.openwall.com/lists/oss-security/2013/03/26/8 http://seclists.org/fulldisclosure/2013/Feb/103 http://securityvulns.ru/docs29103.html http://seclists.org/fulldisclosure/2013/Apr/88 http://seclists.org/fulldisclosure/2013/Mar/5 http://seclists.org/fulldisclosure/2013/Apr/87 http://seclists.org/fulldisclosure/2013/Feb/109 http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706725 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-1808

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect