ByteOS Network

NVD Vulnerability Details :

CVE-2013-6808

Deferred

Source-cve@mitre.org

Published At-28 Dec, 2013 | 04:53

Updated At-11 Apr, 2025 | 00:51

Cross-site scripting (XSS) vulnerability in lib/NSSDropoff.php in ZendTo before 4.11-13 allows remote attackers to inject arbitrary web script or HTML via a modified emailAddr field to pickup.php.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N

CPE Matches

Perforce Software, Inc.

>>zendto>>Versions up to 4.11-12(inclusive)

cpe:2.3:a:zend:zendto:*:*:*:*:*:*:*:*

Perforce Software, Inc.

>>zendto>>4.00

cpe:2.3:a:zend:zendto:4.00:*:*:*:*:*:*:*

Perforce Software, Inc.

>>zendto>>4.01

cpe:2.3:a:zend:zendto:4.01:*:*:*:*:*:*:*

Perforce Software, Inc.

>>zendto>>4.02

cpe:2.3:a:zend:zendto:4.02:*:*:*:*:*:*:*

Perforce Software, Inc.

>>zendto>>4.03-3

cpe:2.3:a:zend:zendto:4.03-3:*:*:*:*:*:*:*

Perforce Software, Inc.

>>zendto>>4.05-2

cpe:2.3:a:zend:zendto:4.05-2:*:*:*:*:*:*:*

Perforce Software, Inc.

>>zendto>>4.06-2

cpe:2.3:a:zend:zendto:4.06-2:*:*:*:*:*:*:*

Perforce Software, Inc.

>>zendto>>4.07-1

cpe:2.3:a:zend:zendto:4.07-1:*:*:*:*:*:*:*

Perforce Software, Inc.

>>zendto>>4.08-4

cpe:2.3:a:zend:zendto:4.08-4:*:*:*:*:*:*:*

Perforce Software, Inc.

>>zendto>>4.09-1

cpe:2.3:a:zend:zendto:4.09-1:*:*:*:*:*:*:*

Perforce Software, Inc.

>>zendto>>4.10-4

cpe:2.3:a:zend:zendto:4.10-4:*:*:*:*:*:*:*

Perforce Software, Inc.

>>zendto>>4.10-5

cpe:2.3:a:zend:zendto:4.10-5:*:*:*:*:*:*:*

Perforce Software, Inc.

>>zendto>>4.11-1

cpe:2.3:a:zend:zendto:4.11-1:*:*:*:*:*:*:*

Perforce Software, Inc.

>>zendto>>4.11-2

cpe:2.3:a:zend:zendto:4.11-2:*:*:*:*:*:*:*

Perforce Software, Inc.

>>zendto>>4.11-3

cpe:2.3:a:zend:zendto:4.11-3:*:*:*:*:*:*:*

Perforce Software, Inc.

>>zendto>>4.11-4

cpe:2.3:a:zend:zendto:4.11-4:*:*:*:*:*:*:*

Perforce Software, Inc.

>>zendto>>4.11-5

cpe:2.3:a:zend:zendto:4.11-5:*:*:*:*:*:*:*

Perforce Software, Inc.

>>zendto>>4.11-7

cpe:2.3:a:zend:zendto:4.11-7:*:*:*:*:*:*:*

Perforce Software, Inc.

>>zendto>>4.11-8

cpe:2.3:a:zend:zendto:4.11-8:*:*:*:*:*:*:*

Perforce Software, Inc.

>>zendto>>4.11-9

cpe:2.3:a:zend:zendto:4.11-9:*:*:*:*:*:*:*

Perforce Software, Inc.

>>zendto>>4.11-10

cpe:2.3:a:zend:zendto:4.11-10:*:*:*:*:*:*:*

Perforce Software, Inc.

>>zendto>>4.11-11

cpe:2.3:a:zend:zendto:4.11-11:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-79	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
http://www.zend.to/changelog.php	cve@mitre.org	N/A
https://www.packetlabs.net/cve-2013-6808/	cve@mitre.org	Exploit
http://www.zend.to/changelog.php	af854a3a-2127-422b-91ae-364da2661108	N/A
https://www.packetlabs.net/cve-2013-6808/	af854a3a-2127-422b-91ae-364da2661108	Exploit

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History