Cross-Site Scripting Vulnerability in IBM Flex System Manager
CVE-2013-5438

Currently unrated

Key Information:

Vendor: IBM
Status: Flex System Manager
Vendor: CVE Published:; 14 December 2013

Summary

A cross-site scripting vulnerability exists in the web server of IBM Flex System Manager versions 1.1.0 to 1.3. This flaw enables remote attackers to inject arbitrary web scripts or HTML, which can lead to malicious actions such as session hijacking, phishing, or defacement. The attack can be executed through unspecified vectors, making it critical for users to be aware of their application’s exposure to such threats.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/87753

vdb-entryx_refsource_XF

http://www.ibm.com/connections/blogs/PSIRT/entry/security...

x_refsource_CONFIRM

http://www.ibm.com/support/entry/portal/docdisplay?lndoci...

x_refsource_CONFIRM

Timeline

Vulnerability published
Dec 14, 2013
Vulnerability Reserved
Aug 22, 2013