PT-2013-2372 · Ibm · Ibm Infosphere Master Data Management - Collaborative Edition+1

Published

2013-02-21

·

Updated

2017-08-29

·

CVE-2013-0478

CVSS v2.0

3.5

Low

VectorAV:N/AC:M/Au:S/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions IBM InfoSphere Master Data Management - Collaborative Edition versions 10.0 through 10.1 before FP1 IBM InfoSphere Master Data Management Server for Product Information Management versions 6.0 through 9.1
Description A cross-site scripting (XSS) issue allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Recommendations For IBM InfoSphere Master Data Management - Collaborative Edition versions 10.0 through 10.1 before FP1, apply FP1 to resolve the issue. For IBM InfoSphere Master Data Management Server for Product Information Management versions 6.0 through 9.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2013-0478

Affected Products

Ibm Infosphere Master Data Management - Collaborative Edition
Ibm Infosphere Master Data Management Server For Product Information Management