Lucene search
HistoryNov 13, 2013 - 3:55 p.m.
CVE-2013-5379
ibm
websphere
portal
xss
vulnerability
nvd
cve-2013-5379
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
5.3
Confidence
High
EPSS
0.001
Percentile
36.6%
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.x before 7.0.0.2 CF25 and 8.x before 8.0.0.1 CF8 allows remote authenticated users to inject arbitrary web script or HTML by leveraging improper tagging functionality.
Affected configurations
Node
ibmwebsphere_portalMatch7.0.0.0
ORibmwebsphere_portalMatch7.0.0.1
ORibmwebsphere_portalMatch7.0.0.2
ORibmwebsphere_portalMatch8.0.0.0
ORibmwebsphere_portalMatch8.0.0.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | websphere_portal | 8.0.0.0 | cpe:/a:ibm:websphere_portal:8.0.0.0::: |
| ibm | websphere_portal | 7.0.0.1 | cpe:/a:ibm:websphere_portal:7.0.0.1::: |
| ibm | websphere_portal | 7.0.0.0 | cpe:/a:ibm:websphere_portal:7.0.0.0::: |
| ibm | websphere_portal | 7.0.0.2 | cpe:/a:ibm:websphere_portal:7.0.0.2::: |
| ibm | websphere_portal | 8.0.0.1 | cpe:/a:ibm:websphere_portal:8.0.0.1::: |
Related
cvelist
cvelist
CVE-2013-5379
2013-11-13 15:00:00
nvd
nvd
CVE-2013-5379
2013-11-13 15:55:03
nessus
nessus
IBM WebSphere Portal Tagging Reflected XSS (PM96047)
2014-03-26 00:00:00
prion
prion
Cross site scripting
2013-11-13 15:55:00
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
5.3
Confidence
High
EPSS
0.001
Percentile
36.6%
Related for CVE-2013-5379