CVSS: 4.3EPSS: 25%CPEs: 2EXPL: 0CVE-2013-0009
https://notcve.org/view.php?id=CVE-2013-0009
Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and R2 allows remote attackers to inject arbitrary web script or HTML via crafted input, aka "System Center Operations Manager Web Console XSS Vulnerability," a different vulnerability than CVE-2013-0010. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Microsoft System Center Operations Manager 2007 SP1 y R2 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de la entrada manipulada, también conocido como "System Center Operations Manager Web Console XSS Vulnerability", una vulnerabilidad diferente a CVE-2013-0010. • http://www.us-cert.gov/cas/techalerts/TA13-008A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-003 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15760 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 25%CPEs: 2EXPL: 0CVE-2013-0010
https://notcve.org/view.php?id=CVE-2013-0010
Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and R2 allows remote attackers to inject arbitrary web script or HTML via crafted input, aka "System Center Operations Manager Web Console XSS Vulnerability," a different vulnerability than CVE-2013-0009. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Microsoft System Center Operations Manager 2007 SP1 y R2 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de la entrada manipulada, también conocido como "System Center Operations Manager Web Console XSS Vulnerability", una vulnerabilidad diferente a CVE-2013-0009. • http://www.us-cert.gov/cas/techalerts/TA13-008A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-003 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16232 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •