Unrated severityNVD Advisory· Published Dec 9, 2013· Updated Jun 17, 2026
CVE-2013-7025
CVE-2013-7025
Description
Multiple cross-site scripting (XSS) vulnerabilities in ematStaticAlertTypes.jsp in the Alert Settings section in Dell SonicWALL Global Management System (GMS), Analyzer, and UMA EM5000 7.1 SP1 before Hotfix 134235 allow remote authenticated users to inject arbitrary web script or HTML via the (1) valfield_1 or (2) value_1 parameter to createNewThreshold.jsp.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
12cpe:2.3:a:sonicwall:global_management_system:7.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:sonicwall:global_management_system:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:sonicwall:global_management_system:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:sonicwall:global_management_system:7.1:sp1:*:*:*:*:*:*
- (no CPE)range: = 7.1 SP1 before Hotfix 134235
cpe:2.3:o:sonicwall:uma_e5000_firmware:7.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:sonicwall:uma_e5000_firmware:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:uma_e5000_firmware:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:uma_e5000_firmware:7.1:sp1:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
10- seclists.org/fulldisclosure/2013/Dec/32nvdExploitMailing ListThird Party Advisory
- www.exploit-db.com/exploits/30054nvdExploitThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/64103nvdExploitThird Party AdvisoryVDB Entry
- www.vulnerability-lab.com/get_content.phpnvdExploit
- archives.neohapsis.com/archives/bugtraq/2013-12/0022.htmlnvdThird Party Advisory
- secunia.com/advisories/55923nvdThird Party Advisory
- www.securitytracker.com/id/1029433nvdThird Party AdvisoryVDB Entry
- www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_Hotfix_134235.pdfnvdVendor Advisory
- osvdb.org/100610nvdBroken Link
- exchange.xforce.ibmcloud.com/vulnerabilities/89462nvdVDB Entry
News mentions
0No linked articles in our index yet.