Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 29/07/2013 Updated: 30/07/2013

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in BMC Service Desk Express (SDE) 10.2.1.95 allow remote malicious users to inject arbitrary web script or HTML via the (1) SelTab parameter to QV_admin.aspx, the (2) CallBack parameter to QV_grid.aspx, or the (3) HelpPage parameter to commonhelp.aspx.

Vulnerable Product	Search on Vulmon	Subscribe to Product
bmc service desk express 10.2.1.95

Classification: NON SENSITIVE INFORMATION RELEASABLE TO THE PUBLIC Multiple vulnerabilities in BMC SERVICE DESK EXPRESS (SDE) Version 102195 Affected Product: BMC SERVICE DESK EXPRESS (SDE) Version 102195 Timeline: 07 June 2013 - Vulnerability found 12 June 2013 - Vendor informed 17 June 2013 - Vendor replied/confirmed &amp ...

CWE-79 http://www.exploit-db.com/exploits/26806 http://www.securityfocus.com/bid/61147 http://archives.neohapsis.com/archives/bugtraq/2013-07/0082.html https://nvd.nist.gov https://www.exploit-db.com/exploits/26806/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-4946

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect