Cross-site scripting (XSS) vulnerability in the administer interface in the UniFi Controller in Ubiquiti Networks UniFi 2.3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted client hostname.
History

Thu, 12 Dec 2024 19:30:00 +0000

Type Values Removed Values Added
First Time appeared Ui unifi Controller
CPEs cpe:2.3:a:ui:unifi:*:*:*:*:*:*:*:* cpe:2.3:a:ui:unifi_controller:*:*:*:*:*:*:*:*
Vendors & Products Ui unifi
Ui unifi Controller
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2013-12-31T20:00:00

Updated: 2024-08-06T16:14:56.451Z

Reserved: 2013-05-21T00:00:00

Link: CVE-2013-3572

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2013-12-31T20:55:15.133

Modified: 2024-12-12T19:05:07.917

Link: CVE-2013-3572

cve-icon Redhat

No data.