Cross-Site Scripting Vulnerabilities in IBM Security AppScan Enterprise and Rational Policy Tester
CVE-2013-0473

Currently unrated

Key Information:

Vendor: IBM
Status: Security Appscan
Vendor: CVE Published:; 29 March 2013

Summary

Multiple cross-site scripting vulnerabilities exist in IBM Security AppScan Enterprise and IBM Rational Policy Tester that allow remote attackers to execute arbitrary web scripts or HTML. This can occur through the manipulation of crafted reports, which may lead to unauthorized actions performed in the context of the user. Proper input validation measures should be implemented to mitigate these risks.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21631304

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/81337

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21626264

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 29, 2013
Vulnerability Reserved
Dec 16, 2012