Cross-Site Scripting Vulnerability in IBM Document Connect for Application Support Facility
CVE-2013-0571

Currently unrated

Key Information:

Vendor: IBM
Status: Document Connect For Application Support Facility; Application Support Facility
Vendor: CVE Published:; 27 April 2013

What is CVE-2013-0571?

A cross-site scripting vulnerability exists in IBM Document Connect for Application Support Facility, allowing remote attackers to inject arbitrary web scripts or HTML into the application. This vulnerability affects various platforms including Windows, Linux, and AIX when using Application Support Facility (ASF) version 3.4 prior to 1.0.0.1218. By crafting a malicious URL, attackers can exploit this weakness to perform unauthorized actions or gather sensitive information from users.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/83246

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21635328

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 27, 2013
Vulnerability Reserved
Dec 16, 2012