CVE-2013-0506

Name of the Vulnerable Software and Affected Versions IBM Sterling Order Management versions 8.0 through 8.0 before HF127 IBM Sterling Order Management versions 8.5 through 8.5 before HF89 IBM Sterling Order Management versions 9.0 through 9.0 before HF69 IBM Sterling Order Management versions 9.1.0 through 9.1.0 before FP41 IBM Sterling Order Management versions 9.2.0 through 9.2.0 before FP13

Description A cross-site scripting (XSS) issue allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Recommendations For IBM Sterling Order Management version 8.0, apply HF127 to resolve the issue. For IBM Sterling Order Management version 8.5, apply HF89 to resolve the issue. For IBM Sterling Order Management version 9.0, apply HF69 to resolve the issue. For IBM Sterling Order Management version 9.1.0, apply FP41 to resolve the issue. For IBM Sterling Order Management version 9.2.0, apply FP13 to resolve the issue.