CVE-2013-1823

MEDIUM

4.3

CVSS Severity Score

EPSS Score0.1870%

EPSS Percentile5.47th

PublishedApr 2, 2013

Last ModifiedApr 29, 2026

Vulnerability Description

Cross-site scripting (XSS) vulnerability in the Notifications form in Red Hat Subscription Asset Manager before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the username field.

Affected Platforms (CPE)

📦

Redhat

Subscription Asset Manager

<= 1.2.0

📦

Redhat

Subscription Asset Manager

= 1.0.0

📦

Redhat

Subscription Asset Manager

= 1.1.0

References & Advisories

🔗 http://rhn.redhat.com/errata/RHSA-2013-0686.html

🔗 http://secunia.com/advisories/52774

🔗 http://www.osvdb.org/91718

🔗 https://bugzilla.redhat.com/show_bug.cgi?id=918784

🔗 http://rhn.redhat.com/errata/RHSA-2013-0686.html

🔗 http://secunia.com/advisories/52774

🔗 http://www.osvdb.org/91718

🔗 https://bugzilla.redhat.com/show_bug.cgi?id=918784

Vulnerability Description

Affected Platforms (CPE)

Subscription Asset Manager

Subscription Asset Manager

Subscription Asset Manager

References & Advisories

Related Vulnerabilities