web/security: add CVE-2013-4358