Cross-Site Scripting Flaw in IBM FileNet Products
CVE-2013-6746

Currently unrated

Key Information:

Vendor: IBM
Status: Filenet P8 Business Process Manager; Filenet Case Foundation; Filenet Content Manager
Vendor: CVE Published:; 22 January 2014

Summary

The vulnerability enables remote attackers to exploit the affected IBM FileNet products by injecting arbitrary web scripts or HTML. This is achieved through unspecified vectors, potentially compromising user data and the integrity of the web application. Users of FileNet P8 Platform Documentation Installable Info Center, IBM FileNet Business Process Manager, FileNet Content Manager, and Case Foundation are at risk, making it essential to implement adequate security measures and updates to mitigate this risk.

References

http://www.securityfocus.com/bid/65045

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/89862

vdb-entryx_refsource_XF

http://secunia.com/advisories/56500

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jan 22, 2014
Vulnerability Reserved
Nov 8, 2013