CVE-2013-1070
NONE EPSS 81.8%
Published Feb 17, 201412y ago · Modified Jun 16, 20262w ago
Published Feb 17, 2014 12y ago
Last Modified Jun 16, 2026 2w ago
Description
Cross-site scripting (XSS) vulnerability in the API in Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 allows remote attackers to inject arbitrary web script or HTML via the op parameter to nodes/.
Threat Intelligence
EPSS Exploit Probability
81.8% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-79 Cross-site Scripting Injection
Affected Products 2
References 3
- securityfocus.com http://www.securityfocus.com/bid/65575
- ubuntu.com http://www.ubuntu.com/usn/USN-2105-1
- bugs.launchpad.net https://bugs.launchpad.net/maas/%2Bbug/1251336
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.