CVE-2013-0506

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
4.3MEDIUM
EPSS
0.3%
top 49.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Sterling Multi-channel Fulfillment SolutionIBM Sterling Selling AND Fulfillment Foundation
Timeline
PublishedMar 19
Latest updateMay 5

Description

Cross-site scripting (XSS) vulnerability in IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before FP41, and 9.2.0 before FP13 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-mg68-f2m7-jfrv: Cross-site scripting (XSS) vulnerability in IBM Sterling Order Management 82022-05-05
CVEList
CVE-2013-0506: Cross-site scripting (XSS) vulnerability in IBM Sterling Order Management 82013-03-19
CVE-2013-0506 (MEDIUM CVSS 4.3) | Cross-site scripting (XSS) vulnerab | cvebase.io