CVE-2013-6746

2014-01-2205:22:15

CWE-79

[email protected]

web.nvd.nist.gov

cve-2013-6746

cross-site scripting

xss

vulnerability

filenet p8 platform

documentation

ibm filenet business process manager

filenet content manager

case foundation

nvd

5.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

56.5%

JSON

Cross-site scripting (XSS) vulnerability in FileNet P8 Platform Documentation Installable Info Center 4.5.1 through 5.2.0 in IBM FileNet Business Process Manager 4.5.1 through 5.1.0, FileNet Content Manager 4.5.1 through 5.2.0, and Case Foundation 5.2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

NVD

Node

ibmfilenet_case_foundationMatch5.2.0

ibmfilenet_content_managerMatch4.5.0

ibmfilenet_content_managerMatch4.5.1

ibmfilenet_content_managerMatch5.0.0

ibmfilenet_content_managerMatch5.1.0

ibmfilenet_content_managerMatch5.2.0

ibmfilenet_p8_business_process_managerMatch4.5.1

ibmfilenet_p8_business_process_managerMatch5.0.0

ibmfilenet_p8_business_process_managerMatch5.1.0

CPENameOperatorVersion
ibm:filenet_case_foundationibm filenet case foundationeq5.2.0
ibm:filenet_content_manageribm filenet content managereq4.5.0
ibm:filenet_content_manageribm filenet content managereq4.5.1
ibm:filenet_content_manageribm filenet content managereq5.0.0
ibm:filenet_content_manageribm filenet content managereq5.1.0
ibm:filenet_content_manageribm filenet content managereq5.2.0
ibm:filenet_p8_business_process_manageribm filenet p8 business process managereq4.5.1
ibm:filenet_p8_business_process_manageribm filenet p8 business process managereq5.0.0
ibm:filenet_p8_business_process_manageribm filenet p8 business process managereq5.1.0

CPE	Name	Operator	Version
ibm:filenet_case_foundation	ibm filenet case foundation	eq	5.2.0
ibm:filenet_content_manager	ibm filenet content manager	eq	4.5.0
ibm:filenet_content_manager	ibm filenet content manager	eq	4.5.1
ibm:filenet_content_manager	ibm filenet content manager	eq	5.0.0
ibm:filenet_content_manager	ibm filenet content manager	eq	5.1.0
ibm:filenet_content_manager	ibm filenet content manager	eq	5.2.0
ibm:filenet_p8_business_process_manager	ibm filenet p8 business process manager	eq	4.5.1
ibm:filenet_p8_business_process_manager	ibm filenet p8 business process manager	eq	5.0.0
ibm:filenet_p8_business_process_manager	ibm filenet p8 business process manager	eq	5.1.0