Vulnerability Details CVE-2013-0502
Cross-site scripting (XSS) vulnerability in IBM InfoSphere Information Server 8.1, 8.5 through FP3, 8.7 through FP2, and 9.1 allows remote attackers to inject arbitrary web script or HTML via a malformed URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.0%
CVSS Severity
CVSS v2 Score 4.3
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR45274
- http://www-01.ibm.com/support/docview.wss?uid=swg21632556
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82233
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR45274
- http://www-01.ibm.com/support/docview.wss?uid=swg21632556
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82233
Products affected by CVE-2013-0502
-
cpe:2.3:a:ibm:infosphere_information_server:8.1
-
cpe:2.3:a:ibm:infosphere_information_server:8.5
-
cpe:2.3:a:ibm:infosphere_information_server:8.5.0.1
-
cpe:2.3:a:ibm:infosphere_information_server:8.5.0.2
-
cpe:2.3:a:ibm:infosphere_information_server:8.5.0.3
-
cpe:2.3:a:ibm:infosphere_information_server:8.7
-
cpe:2.3:a:ibm:infosphere_information_server:8.7.0.1
-
cpe:2.3:a:ibm:infosphere_information_server:8.7.0.2
-
cpe:2.3:a:ibm:infosphere_information_server:9.1