CVE-2013-4204

Multiple cross-site scripting (XSS) vulnerabilities in the JUnit files in the GWTTestCase in Google Web Toolkit (GWT) before 2.5.1 RC1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 55%
VendorProductVersion
googleweb_toolkit
𝑥
≤ 2.5.0
googleweb_toolkit
1.4.60
googleweb_toolkit
1.5.0:rc
googleweb_toolkit
1.5.1:rc2
googleweb_toolkit
1.5.2
googleweb_toolkit
1.5.3
googleweb_toolkit
1.6.2:rc
googleweb_toolkit
1.6.3:rc2
googleweb_toolkit
1.6.4
googleweb_toolkit
1.7.0
googleweb_toolkit
1.7.1
googleweb_toolkit
2.0.0
googleweb_toolkit
2.0.0:rc1
googleweb_toolkit
2.0.1
googleweb_toolkit
2.0.2
googleweb_toolkit
2.0.3
googleweb_toolkit
2.0.4
googleweb_toolkit
2.1.0:m1
googleweb_toolkit
2.1.0:m2
googleweb_toolkit
2.1.0:m3
googleweb_toolkit
2.1.0:rc1
googleweb_toolkit
2.1.1
googleweb_toolkit
2.2.0
googleweb_toolkit
2.3.0
googleweb_toolkit
2.3.0:m1
googleweb_toolkit
2.4:beta
googleweb_toolkit
2.4.0
googleweb_toolkit
2.4.5
googleweb_toolkit
2.5.0:rc1
googleweb_toolkit
2.5.0:rc2
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gwt
vivid
dne
utopic
dne
trusty
dne
saucy
dne
raring
ignored
quantal
ignored
precise
dne
lucid
ignored
Common Weakness Enumeration
References
http://www.gwtproject.org/release-notes.html#Release_Notes_2_5_1_RC1
http://www.openwall.com/lists/oss-security/2013/08/05/1
http://www.openwall.com/lists/oss-security/2013/08/05/3
http://www.securityfocus.com/bid/61590
http://www.gwtproject.org/release-notes.html#Release_Notes_2_5_1_RC1
http://www.openwall.com/lists/oss-security/2013/08/05/1
http://www.openwall.com/lists/oss-security/2013/08/05/3
http://www.securityfocus.com/bid/61590