CVE-2013-5449

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
4.3MEDIUM
EPSS
0.3%
top 49.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Filenet Content Manager
Timeline
PublishedDec 4
Latest updateMay 17

Description

Cross-site scripting (XSS) vulnerability in workingSet.jsp in IBM Eclipse Help System (IEHS), as used in the installable InfoCenter component in IBM FileNet Content Manager 4.5.1, 5.0.0, 5.1.0, and 5.2.0, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDibm/filenet_content_manager4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-c63g-qwmv-qrcq: Cross-site scripting (XSS) vulnerability in workingSet2022-05-17
CVEList
CVE-2013-5449: Cross-site scripting (XSS) vulnerability in workingSet2013-12-04
CVE-2013-5449 (MEDIUM CVSS 4.3) | Cross-site scripting (XSS) vulnerab | cvebase.io