CVE-2013-5438

EUVD-2013-5278
Cross-site scripting (XSS) vulnerability in the web server in IBM Flex System Manager (FSM) 1.1.0 through 1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
Affected Products (NVD)
VendorProductVersion
ibmflex_system_manager
1.1.0
ibmflex_system_manager
1.3.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_flex_system_manager_web_server_allows_generic_xss_cve_2013_5438
http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5094212
https://exchange.xforce.ibmcloud.com/vulnerabilities/87753
http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_flex_system_manager_web_server_allows_generic_xss_cve_2013_5438
http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5094212
https://exchange.xforce.ibmcloud.com/vulnerabilities/87753