Unrated severityNVD Advisory· Published Sep 29, 2014· Updated May 6, 2026

CVE-2013-3065

Description

Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Blocked Specific Sites section.

Affected products

Linksys/Ea6500
cpe:2.3:h:linksys:ea6500:-:*:*:*:*:*:*:*
Linksys/Ea6500 Firmware
cpe:2.3:o:linksys:ea6500_firmware:1.1.28.147876:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdfnvdExploit
securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.phpnvdExploit

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000