Unrated severityNVD Advisory· Published Dec 9, 2013· Updated Apr 29, 2026
CVE-2013-7025
CVE-2013-7025
Description
Multiple cross-site scripting (XSS) vulnerabilities in ematStaticAlertTypes.jsp in the Alert Settings section in Dell SonicWALL Global Management System (GMS), Analyzer, and UMA EM5000 7.1 SP1 before Hotfix 134235 allow remote authenticated users to inject arbitrary web script or HTML via the (1) valfield_1 or (2) value_1 parameter to createNewThreshold.jsp.
Affected products
9cpe:2.3:a:sonicwall:global_management_system:7.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:sonicwall:global_management_system:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:sonicwall:global_management_system:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:sonicwall:global_management_system:7.1:sp1:*:*:*:*:*:*
cpe:2.3:o:sonicwall:uma_e5000_firmware:7.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:sonicwall:uma_e5000_firmware:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:uma_e5000_firmware:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:uma_e5000_firmware:7.1:sp1:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- seclists.org/fulldisclosure/2013/Dec/32nvdExploitMailing ListThird Party Advisory
- www.exploit-db.com/exploits/30054nvdExploitThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/64103nvdExploitThird Party AdvisoryVDB Entry
- www.vulnerability-lab.com/get_content.phpnvdExploit
- archives.neohapsis.com/archives/bugtraq/2013-12/0022.htmlnvdThird Party Advisory
- secunia.com/advisories/55923nvdThird Party Advisory
- www.securitytracker.com/id/1029433nvdThird Party AdvisoryVDB Entry
- www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_Hotfix_134235.pdfnvdVendor Advisory
- osvdb.org/100610nvdBroken Link
- exchange.xforce.ibmcloud.com/vulnerabilities/89462nvdVDB Entry
News mentions
0No linked articles in our index yet.