Cross-Site Scripting Flaw in IBM InfoSphere Data Replication Dashboard
CVE-2013-2999

6.1MEDIUM

Key Information:

Vendor

IBM
Status
Infosphere Data Replication Dashboard
Vendor
CVE Published:
9 July 2018

What is CVE-2013-2999?

A cross-site scripting vulnerability in IBM InfoSphere Data Replication Dashboard versions 9.7 and 10.1 permits remote attackers to inject arbitrary web scripts or HTML content. This can occur through unspecified vectors, posing a security risk for users who may inadvertently execute malicious scripts, potentially leading to unauthorized actions within their sessions.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/84115
vdb-entryx_refsource_XF
https://www.ibm.com/blogs/psirt/security-bulletin-multipl...
x_refsource_CONFIRM

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.