CVE-2013-0506

Currently unrated

Key Information:

Vendor: IBM
Status: Sterling Selling And Fulfillment Foundation; Sterling Multi-channel Fulfillment Solution
Vendor: CVE Published:; 19 March 2013

Summary

Cross-site scripting (XSS) vulnerability in IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before FP41, and 9.2.0 before FP13 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/82341

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg1IC90858

vendor-advisoryx_refsource_AIXAPAR

http://www-01.ibm.com/support/docview.wss?uid=swg21631302

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 19, 2013
Vulnerability Reserved
Dec 16, 2012