Cross-Site Scripting Vulnerability in IBM Eclipse Help System
CVE-2013-5449

Currently unrated

Key Information:

Vendor: IBM
Status: Filenet Content Manager
Vendor: CVE Published:; 4 December 2013

Summary

A cross-site scripting (XSS) vulnerability exists in the IBM Eclipse Help System (IEHS), which is utilized in the InfoCenter component of IBM FileNet Content Manager. This flaw allows remote attackers to inject arbitrary web scripts or HTML code through unspecified vectors, which could lead to data theft or session hijacking for affected users.

References

http://www.securityfocus.com/bid/64058

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/88056

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21657493

x_refsource_CONFIRM

Timeline

Vulnerability published
Dec 4, 2013
Vulnerability Reserved
Aug 22, 2013