PT-2013-2443 · Ibm · Ibm Infosphere Information Server

Published

2013-08-16

Updated

2017-08-29

CVE-2013-0585

CVSS v2.0

3.5

Low

Vector

AV:N/AC:M/Au:S/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions IBM InfoSphere Information Server versions prior to 8.5 FP4 IBM InfoSphere Information Server versions 8.7 through FP2 IBM InfoSphere Information Server version 9.1

Description The issue allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the web console and repository management user interfaces.

Recommendations For IBM InfoSphere Information Server versions prior to 8.5 FP4, update to version 8.5 FP4 or later. For IBM InfoSphere Information Server versions 8.7 through FP2, update to version 8.7 FP3 or later. For IBM InfoSphere Information Server version 9.1, update to a newer version that contains a fix for this issue.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2013-0585

Affected Products

Ibm Infosphere Information Server

PT-2013-2443 · Ibm · Ibm Infosphere Information Server

CVE-2013-0585

Weakness Enumeration

Related Identifiers

Affected Products

References · 3