CVE-2014-0932

Currently unrated

Key Information:

Vendor: IBM
Status: Sterling Order Management; Sterling Selling And Fulfillment Foundation
Vendor: CVE Published:; 21 April 2014

Summary

Cross-site scripting (XSS) vulnerability in IBM Sterling Order Management 8.5 before HF105 and Sterling Selling and Fulfillment Foundation 9.0 before HF85 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21670912

x_refsource_CONFIRM

http://www.securityfocus.com/bid/66993

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/92264

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Apr 21, 2014
Vulnerability Reserved
Jan 6, 2014