CVE-2013-3983

2014-02-1322:00:00

ibm

www.cve.org

AI Score

6.5

Confidence

Low

EPSS

0.002

Percentile

61.9%

JSON

The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 does not validate URLs in Cookie headers before using them in redirects, which has unspecified impact and remote attack vectors.

References

www-01.ibm.com/support/docview.wss?uid=swg21662928

exchange.xforce.ibmcloud.com/vulnerabilities/84966