タイプ別 CVE リスト:XSS(公開年で絞り込み)

XSS に分類される脆弱性に紐づく CVE を、公開年で絞り込みます。一覧は新しい公開が上に来る並びで、CVSS / EPSS のリスク指標でもさらに絞り込めます。

直近の脆弱性公開や傾向を押さえ、セキュリティチームが高リスクな事象や悪用の可能性を素早く把握するためのビューです。

2013 年に公開され、XSS に分類される CVE を表示しています。 CVE の一覧へ

CVSS スコア
表示中 120 / 617
«« 先頭 « 前へ 1 / 31 次へ »
CVE 説明 CVSS 最大値 EPSS(%) 公開 更新
CVE-2013-3572 Cross-site scripting (XSS) vulnerability in the administer interface in the UniFi Controller in Ubiquiti Networks UniFi 2.3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted client hostname. 6.1 1.65% 2013-12-31 2026-06-16
CVE-2013-6459 Cross-site scripting (XSS) vulnerability in the will_paginate gem before 3.0.5 for Ruby allows remote attackers to inject arbitrary web script or HTML via vectors involving generated pagination links. 4.3 2.21% 2013-12-31 2026-06-16
CVE-2013-5573 Cross-site scripting (XSS) vulnerability in the default markup formatter in Jenkins 1.523 allows remote attackers to inject arbitrary web script or HTML via the Description field in the user configuration. 4.3 5.41% 2013-12-31 2026-06-16
CVE-2013-7241 Cross-site scripting (XSS) vulnerability in the export function in zp-core/zp-extensions/mergedRSS.php in Zenphoto before 1.4.5.4 allows remote attackers to inject arbitrary web script or HTML via the URI. 4.3 2.04% 2013-12-31 2026-06-16
CVE-2013-7231 Cross-site scripting (XSS) vulnerability in the Mobile Content Server in ESRI ArcGIS for Server 10.1 and 10.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-5222. 3.5 1.08% 2013-12-29 2026-06-16
CVE-2013-5222 Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for Server 10.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. 3.5 1.08% 2013-12-29 2026-06-16
CVE-2013-5218 Cross-site scripting (XSS) vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to inject arbitrary web script or HTML via a crafted DHCP Host Name option, which is not properly handled during rendering of the DHCP table in wlanAccess.asp. 2.9 3.76% 2013-12-29 2026-06-16
CVE-2013-5210 Cross-site scripting (XSS) vulnerability in the GUI login page in ADTRAN AOS before R10.8.1 on the NetVanta 7100 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 4.3 1.40% 2013-12-29 2026-06-16
CVE-2013-6198 Cross-site scripting (XSS) vulnerability in HP Service Manager WebTier and Windows Client 9.20 and 9.21 before 9.21.661 p8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 4.3 2.64% 2013-12-28 2026-06-16
CVE-2013-5583 Cross-site scripting (XSS) vulnerability in libraries/idna_convert/example.php in Joomla! 3.1.5 allows remote attackers to inject arbitrary web script or HTML via the lang parameter. 4.3 1.48% 2013-12-28 2026-06-16
CVE-2013-2504 Cross-site scripting (XSS) vulnerability in SPS/Portal/default.aspx in Service Desk in Matrix42 Service Store 5.3 SP3 (aka 5.33.946.0) allows remote attackers to inject arbitrary web script or HTML via the query string. 4.3 3.04% 2013-12-28 2026-06-16
CVE-2013-6808 Cross-site scripting (XSS) vulnerability in lib/NSSDropoff.php in ZendTo before 4.11-13 allows remote attackers to inject arbitrary web script or HTML via a modified emailAddr field to pickup.php. 4.3 1.46% 2013-12-27 2026-06-16
CVE-2013-1096 Cross-site scripting (XSS) vulnerability in the Roles Based Provisioning Module 4.0.2 before Field Patch D for Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via a taskDetail taskId. 4.3 2.00% 2013-12-27 2026-06-16
CVE-2013-6388 Cross-site scripting (XSS) vulnerability in the Color module in Drupal 7.x before 7.24 allows remote attackers to inject arbitrary web script or HTML via vectors related to CSS. 4.3 1.83% 2013-12-24 2026-06-16
CVE-2013-6387 Cross-site scripting (XSS) vulnerability in the Image module in Drupal 7.x before 7.24 allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the description field. 2.1 1.44% 2013-12-24 2026-06-16
CVE-2013-4424 Multiple cross-site scripting (XSS) vulnerabilities in the GateIn Portal component in Red Hat JBoss Portal 6.1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. 4.3 0.98% 2013-12-23 2026-06-16
CVE-2013-4414 Cross-site scripting (XSS) vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to inject arbitrary web script or HTML via the "Max allowance" field in the "Set limit" form. 4.3 1.80% 2013-12-23 2026-06-16
CVE-2013-6745 Cross-site scripting (XSS) vulnerability in the IMS server before Ifix 6 in IBM Security Access Manager for Enterprise Single Sign-On (ISAM ESSO) 8.2 allows remote authenticated users to inject arbitrary web script or HTML via crafted input to an unspecified dynamic web form. 3.5 0.95% 2013-12-22 2026-06-16
CVE-2013-6328 Cross-site scripting (XSS) vulnerability in the Web Content Manager (WCM) UI in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF26, and 8.0.0.x before 8.0.0.1 CF09 allows remote attackers to inject arbitrary web script or HTML via vectors involving IFRAME elements. 4.3 1.16% 2013-12-22 2026-06-16
CVE-2013-5421 Cross-site scripting (XSS) vulnerability in the IMS server before Ifix 6 in IBM Security Access Manager for Enterprise Single Sign-On (ISAM ESSO) 8.2 allows remote attackers to inject arbitrary web script or HTML via crafted input to an unspecified dynamic web form. 4.3 0.93% 2013-12-22 2026-06-16
«« 先頭 « 前へ 1 / 31 次へ »
cvelogic Threat Intelligence