Cross-site Scripting Vulnerability in IBM Sterling Order Management Software
CVE-2013-0506

Currently unrated

Key Information:

Vendor: IBM
Status: Sterling Selling And Fulfillment Foundation; Sterling Multi-channel Fulfillment Solution
Vendor: CVE Published:; 19 March 2013

Summary

A cross-site scripting (XSS) vulnerability exists in IBM Sterling Order Management versions prior to specified hotfixes, allowing remote authenticated users to execute arbitrary web scripts or HTML. This vulnerability can be exploited through unspecified vectors, potentially compromising sensitive data and affecting the integrity of the application. Organizations using affected versions should prioritize remediation and apply the necessary updates to protect their systems.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/82341

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg1IC90858

vendor-advisoryx_refsource_AIXAPAR

http://www-01.ibm.com/support/docview.wss?uid=swg21631302

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 19, 2013
Vulnerability Reserved
Dec 16, 2012