Cross-Site Scripting Vulnerability in IBM WebSphere Service Registry and Repository
CVE-2013-6721

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Service Registry And Repository
Vendor: CVE Published:; 17 December 2013

Summary

The vulnerability allows remote authenticated users of IBM WebSphere Service Registry and Repository to inject arbitrary web scripts or HTML into the application. This is primarily triggered through certain vectors involving widgets, leading to potential unauthorized actions or data exposure. Users of the affected versions are advised to apply the necessary patches to safeguard against this vulnerability.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1IV51765

vendor-advisoryx_refsource_AIXAPAR

http://secunia.com/advisories/56130

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/89230

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Dec 17, 2013
Vulnerability Reserved
Nov 8, 2013