CVE-2013-6721

EUVD-2013-6523
Cross-site scripting (XSS) vulnerability in IBM WebSphere Service Registry and Repository (WSRR) 7.5.x before 7.5.0.4 and 8.x through 8.0.0.2 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving widgets.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.5 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 48%
Affected Products (NVD)
VendorProductVersion
ibmwebsphere_service_registry_and_repository
7.5.0.2
ibmwebsphere_service_registry_and_repository
7.5.0.3
ibmwebsphere_service_registry_and_repository
8.0.0
ibmwebsphere_service_registry_and_repository
8.0.0.1
ibmwebsphere_service_registry_and_repository
8.0.0.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/56130
http://www-01.ibm.com/support/docview.wss?uid=swg1IV51765
http://www-01.ibm.com/support/docview.wss?uid=swg21659623
http://www.securitytracker.com/id/1029498
https://exchange.xforce.ibmcloud.com/vulnerabilities/89230
http://secunia.com/advisories/56130
http://www-01.ibm.com/support/docview.wss?uid=swg1IV51765
http://www-01.ibm.com/support/docview.wss?uid=swg21659623
http://www.securitytracker.com/id/1029498
https://exchange.xforce.ibmcloud.com/vulnerabilities/89230