CVE-2013-6882

Name: CVE-2013-6882
Creator: NVD / NIST
Published: 2013-12-17T16:08:51.05+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 3.48%

Last modified Jun 17, 2026

CVE-2013-6882 is a vulnerability of currently unknown severity. Multiple cross-site scripting (XSS) vulnerabilities in CRU Ditto Forensic FieldStation with firmware 2013Oct15a and earlier allow (1) remote attackers to inject arbitrary web script or HTML via the username parameter in a login or (2) remote authenticated users to inject arbitrary web script or HTML via unspecified form fields.. EPSS estimates a 3.48% chance of exploitation in the next 30 days.

Description

Multiple cross-site scripting (XSS) vulnerabilities in CRU Ditto Forensic FieldStation with firmware 2013Oct15a and earlier allow (1) remote attackers to inject arbitrary web script or HTML via the username parameter in a login or (2) remote authenticated users to inject arbitrary web script or HTML via unspecified form fields.

Metrics

EPSS Probability

3.48%

87.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-79

Affected Software

Vendor	Product	Versions
Cru-Inc	Ditto Forensic Fieldstation Firmware	<= 2013oct15a
Cru-Inc	Ditto Forensic Fieldstation	All versions

References

Timeline

Published: Dec 17, 2013
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2013-6882?

How severe is CVE-2013-6882?

Severity scoring for CVE-2013-6882 is pending analysis. The EPSS model estimates a 3.48% probability of exploitation in the next 30 days.

How do I fix CVE-2013-6882?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-6882?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST