CVE-2013-2969

Cross-site scripting (XSS) vulnerability in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving invalid characters.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.5 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:N/I:P/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 38%
VendorProductVersion
ibmsterling_control_center
5.2.0
ibmsterling_control_center
5.3.0
ibmsterling_control_center
5.3.0.1
ibmsterling_control_center
5.3.0.2
ibmsterling_control_center
5.3.0.3
ibmsterling_control_center
5.4.0
ibmsterling_control_center
5.4.0.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21640348
https://exchange.xforce.ibmcloud.com/vulnerabilities/83860
http://www-01.ibm.com/support/docview.wss?uid=swg21640348
https://exchange.xforce.ibmcloud.com/vulnerabilities/83860