Cross-Site Scripting Vulnerability in IBM InfoSphere BigInsights
CVE-2013-3995

Currently unrated

Key Information:

Vendor: IBM
Status: Infosphere Biginsights
Vendor: CVE Published:; 6 August 2013

What is CVE-2013-3995?

The cross-site scripting (XSS) vulnerability in IBM InfoSphere BigInsights versions 1.1 through 2.1 enables remote authenticated users to inject malicious web scripts or HTML through unspecified vectors. This weakness may allow attackers to perform unauthorized actions on behalf of legitimate users, leading to potential data compromise and exploitation of user sessions.

References

http://www.securityfocus.com/bid/61604

vdb-entryx_refsource_BID

http://www-01.ibm.com/support/docview.wss?uid=swg21645804

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/84984

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 6, 2013
Vulnerability Reserved
Jun 7, 2013