CVE-2013-4045

Cross-site scripting (XSS) vulnerability in the Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
VendorProductVersion
ibmspss_collaboration_and_deployment_services
4.2.1
ibmspss_collaboration_and_deployment_services
4.2.1.1
ibmspss_collaboration_and_deployment_services
4.2.1.2
ibmspss_collaboration_and_deployment_services
4.2.1.3
ibmspss_collaboration_and_deployment_services
5.0.0
ibmspss_collaboration_and_deployment_services
5.0.0.1
ibmspss_collaboration_and_deployment_services
5.0.0.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg1PM95817
http://www-01.ibm.com/support/docview.wss?uid=swg21660191
https://exchange.xforce.ibmcloud.com/vulnerabilities/86421
http://www-01.ibm.com/support/docview.wss?uid=swg1PM95817
http://www-01.ibm.com/support/docview.wss?uid=swg21660191
https://exchange.xforce.ibmcloud.com/vulnerabilities/86421