CVE-2013-6327

Currently unrated

Key Information:

Vendor: IBM
Status: Sterling Connect Enterprise Http Option
Vendor: CVE Published:; 17 December 2013

Summary

Cross-site scripting (XSS) vulnerability in the HTTP Option in IBM Sterling Connect:Enterprise 1.3 before 1.3.0.2 iFix 1 and 1.4 before 1.4.0.0 iFix 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "cross-frame scripting" issue.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/88908

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21659907

x_refsource_CONFIRM

Timeline

Vulnerability published
Dec 17, 2013
Vulnerability Reserved
Oct 31, 2013