Unrated severityNVD Advisory· Published Nov 5, 2013· Updated Apr 29, 2026
CVE-2013-5695
CVE-2013-5695
Description
Multiple cross-site scripting (XSS) vulnerabilities in Opsview before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/auditlog/, (2) PATH_INFO to info/host/ or (3) viewport/, (4) back parameter to login, or (5) "from" parameter to status/service/recheck.
Affected products
24cpe:2.3:a:opsview:opsview:*:-:*:*:enterprise:*:*:*+ 23 more
- cpe:2.3:a:opsview:opsview:*:-:*:*:enterprise:*:*:*range: <=4.4
- cpe:2.3:a:opsview:opsview:*:-:*:*:pro:*:*:*range: <=4.4
- cpe:2.3:a:opsview:opsview:2.7:*:*:*:*:*:*:*
- cpe:2.3:a:opsview:opsview:2.8:*:*:*:*:*:*:*
- cpe:2.3:a:opsview:opsview:2.10:*:*:*:*:*:*:*
- cpe:2.3:a:opsview:opsview:2.12:*:*:*:*:*:*:*
- cpe:2.3:a:opsview:opsview:2.14:*:*:*:*:*:*:*
- cpe:2.3:a:opsview:opsview:3.0:-:*:*:community:*:*:*
- cpe:2.3:a:opsview:opsview:3.1:-:*:*:community:*:*:*
- cpe:2.3:a:opsview:opsview:3.2:-:*:*:enterprise:*:*:*
- cpe:2.3:a:opsview:opsview:3.4:-:*:*:enterprise:*:*:*
- cpe:2.3:a:opsview:opsview:3.6:-:*:*:enterprise:*:*:*
- cpe:2.3:a:opsview:opsview:3.8:-:*:*:enterprise:*:*:*
- cpe:2.3:a:opsview:opsview:3.10:-:*:*:enterprise:*:*:*
- cpe:2.3:a:opsview:opsview:3.12:-:*:*:enterprise:*:*:*
- cpe:2.3:a:opsview:opsview:3.14:-:*:*:enterprise:*:*:*
- cpe:2.3:a:opsview:opsview:4.0:-:*:*:enterprise:*:*:*
- cpe:2.3:a:opsview:opsview:4.0:-:*:*:pro:*:*:*
- cpe:2.3:a:opsview:opsview:4.1:-:*:*:enterprise:*:*:*
- cpe:2.3:a:opsview:opsview:4.1:-:*:*:pro:*:*:*
- cpe:2.3:a:opsview:opsview:4.2:-:*:*:enterprise:*:*:*
- cpe:2.3:a:opsview:opsview:4.2:-:*:*:pro:*:*:*
- cpe:2.3:a:opsview:opsview:4.3:-:*:*:enterprise:*:*:*
- cpe:2.3:a:opsview:opsview:4.3:-:*:*:pro:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2News mentions
0No linked articles in our index yet.