Vulnerability Database

314,615

Total vulnerabilities in the database

CVE-2013-1636

Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash Chart), as used in the Pretty Link Lite plugin before 1.6.3 for WordPress, JNews (com_jnews) component 8.0.1 for Joomla!, and CiviCRM 3.1.0 through 4.2.9 and 4.3.0 through 4.3.3, allows remote attackers to inject arbitrary web script or HTML via the get-data parameter.

  • Published: Mar 12, 2014
  • Updated: Nov 9, 2025
  • CVE: CVE-2013-1636
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
joobi / com_jnews 8.0.1 8.0.1.x
civicrm / civicrm 3.1.3 3.1.3.x
civicrm / civicrm 4.2.5 4.2.5.x
civicrm / civicrm 3.1.0 3.1.0.x
civicrm / civicrm 4.1.2 4.1.2.x
civicrm / civicrm 4.3.1 4.3.1.x
civicrm / civicrm 4.1.4 4.1.4.x
civicrm / civicrm 4.2.8 4.2.8.x
civicrm / civicrm 4.1.1 4.1.1.x
civicrm / civicrm 4.2.7 4.2.7.x
civicrm / civicrm 3.4.0 3.4.0.x
civicrm / civicrm 4.3.0 4.3.0.x
civicrm / civicrm 3.3.1 3.3.1.x
civicrm / civicrm 3.1.1 3.1.1.x
civicrm / civicrm 3.3.0 3.3.0.x
civicrm / civicrm 3.2.4 3.2.4.x
civicrm / civicrm 3.2.1 3.2.1.x
civicrm / civicrm 3.2.3 3.2.3.x
civicrm / civicrm 3.3.5 3.3.5.x
civicrm / civicrm 3.3.3 3.3.3.x
civicrm / civicrm 4.0.5 4.0.5.x
civicrm / civicrm 3.3.2 3.3.2.x
civicrm / civicrm 4.2.1 4.2.1.x
civicrm / civicrm 3.1.6 3.1.6.x
civicrm / civicrm 4.2.0 4.2.0.x
civicrm / civicrm 4.1.6 4.1.6.x
civicrm / civicrm 4.2.4 4.2.4.x
civicrm / civicrm 4.1.0 4.1.0.x
civicrm / civicrm 3.1.4 3.1.4.x
civicrm / civicrm 4.3.2 4.3.2.x
civicrm / civicrm 4.2.2 4.2.2.x
civicrm / civicrm 4.2.6 4.2.6.x
civicrm / civicrm 4.1.3 4.1.3.x
civicrm / civicrm 3.1.5 3.1.5.x
civicrm / civicrm 3.3.6 3.3.6.x
civicrm / civicrm 3.2.5 3.2.5.x
civicrm / civicrm 4.3.3 4.3.3.x
civicrm / civicrm 4.1.5 4.1.5.x
civicrm / civicrm 3.2.2 3.2.2.x
civicrm / civicrm 3.1.2 3.1.2.x
civicrm / civicrm 3.2.0 3.2.0.x
civicrm / civicrm 4.2.9 4.2.9.x
caseproof / prettylinks - 1.6.2.x
caseproof / prettylinks 1.6.0 1.6.0.x
caseproof / prettylinks 1.6.1 1.6.1.x