Unrated severityNVD Advisory· Published Dec 10, 2013· Updated Apr 29, 2026
CVE-2013-6224
CVE-2013-6224
Description
Multiple cross-site scripting (XSS) vulnerabilities in LiveZilla before 5.1.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) a name in the call administrator feature, (2) unspecified vectors to the admins visitor information panel, or (3) a text message in a chat session, which is saved in the archive section.
Affected products
15cpe:2.3:a:livezilla:livezilla:*:*:*:*:*:*:*:*+ 14 more
- cpe:2.3:a:livezilla:livezilla:*:*:*:*:*:*:*:*range: <=5.1.0.0
- cpe:2.3:a:livezilla:livezilla:3.1.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:livezilla:livezilla:3.2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:livezilla:livezilla:4.0.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:livezilla:livezilla:4.0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:livezilla:livezilla:4.0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:livezilla:livezilla:4.1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:livezilla:livezilla:4.1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:livezilla:livezilla:4.2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:livezilla:livezilla:4.2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:livezilla:livezilla:5.0.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:livezilla:livezilla:5.0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:livezilla:livezilla:5.0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:livezilla:livezilla:5.0.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:livezilla:livezilla:5.0.1.4:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- www.livezilla.net/board/index.phpnvdPatch
- packetstormsecurity.com/files/124222nvdExploit
- seclists.org/fulldisclosure/2013/Nov/208nvdExploit
- cureblog.de/2013/12/cve-2013-6224-cross-site-scripting-in-livezillanvdExploit
- osvdb.org/100399nvd
- osvdb.org/100401nvd
- osvdb.org/100402nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/89315nvd
News mentions
0No linked articles in our index yet.