Cross-Site Scripting Flaw in IBM InfoSphere Data Replication Dashboard
CVE-2013-2999

6.1MEDIUM

Key Information:

Vendor: IBM
Status: Infosphere Data Replication Dashboard
Vendor: CVE Published:; 9 July 2018

Summary

A cross-site scripting vulnerability in IBM InfoSphere Data Replication Dashboard versions 9.7 and 10.1 permits remote attackers to inject arbitrary web scripts or HTML content. This can occur through unspecified vectors, posing a security risk for users who may inadvertently execute malicious scripts, potentially leading to unauthorized actions within their sessions.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/84115

vdb-entryx_refsource_XF

https://www.ibm.com/blogs/psirt/security-bulletin-multipl...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jul 9, 2018
Vulnerability Reserved
Apr 12, 2013