3 matches found
Security Bulletin: Flex System Manager web server allows Generic XSS (CVE-2013-5438)
Summary The Flex System Manager FSM is running a web server that fails to adequately sanitize request strings of malicious JavaScript. Vulnerability Details Abstract The Flex System Manager FSM is running a web server that fails to adequately sanitize request strings of malicious JavaScript...
IBM Flex System Manger跨站脚本漏洞
CVE ID:CVE-2013-5438 IBM Flex System Manger是一款跨计算,存储和网络资源的集成式系统管理。 IBM Flex System Manger没有正确过滤用户提交的输入,允许远程攻击者利用漏洞进行跨站脚本攻击,可构建恶意URI,诱使用户解析,可获取敏感信息或者劫持用户会话。 0 IBM Flex System Manger 1.3.0 IBM Flex System Manger 1.1.0 厂商补丁: IBM ----- IBM Flex System Manger 1.3.1已经修复该漏洞,请到厂商的主页下载: http://www.ibm.com...
CVE-2013-5438
IBM Flex System Manager (FSM) web server versions 1.1.0–1.3 are affected by a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary HTML/JavaScript via unsanitized input. The IBM bulletin notes a CVSS base score of 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N) and lists aff...