CVE-2014-3033

Currently unrated

Key Information:

Vendor
IBM
Status
Emptoris Sourcing Portfolio
Vendor
CVE Published:
26 August 2014

Summary

Cross-site scripting (XSS) vulnerability in IBM Emptoris Sourcing Portfolio 9.5.x before 9.5.1.3, 10.0.0.x before 10.0.0.1, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/93192
vdb-entryx_refsource_XF
http://secunia.com/advisories/60481
third-party-advisoryx_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21680665
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.