CVE-2013-1070

NONE EPSS 81.8%
Published Feb 17, 201412y ago · Modified Jun 16, 20262w ago
Find Similar
Published Feb 17, 2014 12y ago
Last Modified Jun 16, 2026 2w ago

Description

Cross-site scripting (XSS) vulnerability in the API in Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 allows remote attackers to inject arbitrary web script or HTML via the op parameter to nodes/.

Threat Intelligence

EPSS Exploit Probability
81.8% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-79 Cross-site Scripting Injection

Affected Products 2

VendorProductVersionRange
ubuntumetal_as_a_service1.2any
ubuntumetal_as_a_service1.4any

References 3

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.