CVE-2013-3065
Summary
| CVE | CVE-2013-3065 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-09-29 22:55:00 UTC |
| Updated | 2014-09-30 18:25:00 UTC |
| Description | Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Blocked Specific Sites section. |
Risk And Classification
Problem Types: CWE-79
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Linksys | Ea6500 | - | All | All | All |
| Hardware | Linksys | Ea6500 | - | All | All | All |
| Operating System | Linksys | Ea6500 Firmware | 1.1.28.147876 | All | All | All |
| Operating System | Linksys | Ea6500 Firmware | 1.1.28.147876 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf | MISC | securityevaluators.com | Exploit |
| Linksys EA6500 Hacked, Rooted by ISE | MISC | securityevaluators.com | Exploit |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.