Cross-Site Scripting Vulnerabilities in IBM Rational Focal Point
CVE-2013-3025

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Focal Point
Vendor: CVE Published:; 17 October 2013

What is CVE-2013-3025?

IBM Rational Focal Point versions 6.5.x and 6.6.x prior to 6.6.0.1 are susceptible to multiple cross-site scripting (XSS) vulnerabilities. These flaws enable remote attackers to inject arbitrary web scripts or HTML into the application through various unspecified vectors. This can lead to unauthorized actions being performed within the context of users’ browsers, potentially compromising sensitive information and user accounts.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21652479

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/84363

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 17, 2013
Vulnerability Reserved
Apr 12, 2013