CVE-2013-4045

EUVD-2013-3976
Cross-site scripting (XSS) vulnerability in the Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
Affected Products (NVD)
VendorProductVersion
ibmspss_collaboration_and_deployment_services
4.2.1
ibmspss_collaboration_and_deployment_services
4.2.1.1
ibmspss_collaboration_and_deployment_services
4.2.1.2
ibmspss_collaboration_and_deployment_services
4.2.1.3
ibmspss_collaboration_and_deployment_services
5.0.0
ibmspss_collaboration_and_deployment_services
5.0.0.1
ibmspss_collaboration_and_deployment_services
5.0.0.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg1PM95817
http://www-01.ibm.com/support/docview.wss?uid=swg21660191
https://exchange.xforce.ibmcloud.com/vulnerabilities/86421
http://www-01.ibm.com/support/docview.wss?uid=swg1PM95817
http://www-01.ibm.com/support/docview.wss?uid=swg21660191
https://exchange.xforce.ibmcloud.com/vulnerabilities/86421