{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2013-6858","title":"Title"},{"category":"description","text":"Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to (1) \"Volumes\" or (2) \"Network Topology\" page.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2013-6858","url":"https://www.suse.com/security/cve/CVE-2013-6858"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 852175 for CVE-2013-6858","url":"https://bugzilla.suse.com/852175"},{"category":"external","summary":"SUSE Bug 853043 for CVE-2013-6858","url":"https://bugzilla.suse.com/853043"}],"title":"SUSE CVE CVE-2013-6858","tracking":{"current_release_date":"2023-12-08T04:53:47Z","generator":{"date":"2023-02-15T05:33:39Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2013-6858","initial_release_date":"2023-02-15T05:33:39Z","revision_history":[{"date":"2023-02-15T05:33:39Z","number":"2","summary":"Current version"},{"date":"2023-12-08T04:53:47Z","number":"3","summary":"Current version"}],"status":"interim","version":"3"}}}