XPath Injection Vulnerability in IBM Sterling Order Management
CVE-2013-0505

Currently unrated

Key Information:

Vendor: IBM
Status: Sterling Selling And Fulfillment Foundation; Sterling Multi-channel Fulfillment Solution
Vendor: CVE Published:; 19 March 2013

Summary

A security vulnerability in IBM Sterling Order Management allows remote authenticated users to exploit XPath injection methods. This flaw enables unauthorized access to arbitrary XML files through unspecified means, posing a risk to data integrity and confidentiality. Organizations using affected versions should prioritize applying available patches and updates to mitigate this risk.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/82339

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg1ID358571

vendor-advisoryx_refsource_AIXAPAR

http://www-01.ibm.com/support/docview.wss?uid=swg21631302

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 19, 2013
Vulnerability Reserved
Dec 16, 2012