CVE-2013-1393

Discussion in 'other software & services' started by robtlmiller, Jan 19, 2014.

Thread Status:
Not open for further replies.
  1. robtlmiller

    robtlmiller Registered Member

    Joined:
    Mar 26, 2009
    Posts:
    21
    Hello All,
    Does anyone know what CVE-2013-1393 is? I was in add/remove programs for other purposes and saw it as an entry. I did a search on it and the "National Vulnerability Database" stated: "Cross-site scripting (XSS) vulnerability in the CurvyCorners module 6.x-1.x and 7.x-1.x for Drupal allows remote authenticated users with the "administer curvycorners" permission to inject arbitrary web script or HTML via unspecified vectors." and then went on to say: "Network exploitable; Victim must voluntarily interact with attack mechanism"
    Although my Norton Internet Security has never "flagged it" or brought it to my attention, I uninstalled it.
    Did I do the right thing?
    Thanks - Any help is appreciated.
    Bob
     
Thread Status:
Not open for further replies.