CVE-2013-0473

CWE-79 — Cross-site Scripting (XSS)3 documents3 sources

Severity

4.3MEDIUM

EPSS

0.3%

top 47.63%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Rational Policy Tester IBM Security Appscan

Timeline

PublishedMar 29

Latest updateMay 5

Description

Multiple cross-site scripting (XSS) vulnerabilities in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 allow remote attackers to inject arbitrary web script or HTML via a crafted report.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

▶NVDibm/rational_policy_tester10 versions+9

▶NVDibm/security_appscan12 versions+11

🔴Vulnerability Details

GHSA

GHSA-p726-gcmp-pjr9: Multiple cross-site scripting (XSS) vulnerabilities in IBM Security AppScan Enterprise 5↗2022-05-05

▶

CVEList

CVE-2013-0473: Multiple cross-site scripting (XSS) vulnerabilities in IBM Security AppScan Enterprise 5↗2013-03-29

▶