CVE-2013-6725

Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application Server 7.x before 7.0.0.31, 8.0.x before 8.0.0.8, and 8.5.x before 8.5.5.2 allows remote authenticated administrators to inject arbitrary web script or HTML via a crafted URL.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.5 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:N/I:P/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 52%
VendorProductVersion
ibmwebsphere_application_server
6.1
ibmwebsphere_application_server
7.0
ibmwebsphere_application_server
7.0.0.1
ibmwebsphere_application_server
7.0.0.2
ibmwebsphere_application_server
7.0.0.3
ibmwebsphere_application_server
7.0.0.4
ibmwebsphere_application_server
7.0.0.5
ibmwebsphere_application_server
7.0.0.6
ibmwebsphere_application_server
7.0.0.7
ibmwebsphere_application_server
7.0.0.8
ibmwebsphere_application_server
7.0.0.9
ibmwebsphere_application_server
7.0.0.10
ibmwebsphere_application_server
7.0.0.11
ibmwebsphere_application_server
7.0.0.12
ibmwebsphere_application_server
7.0.0.13
ibmwebsphere_application_server
7.0.0.14
ibmwebsphere_application_server
7.0.0.15
ibmwebsphere_application_server
7.0.0.16
ibmwebsphere_application_server
7.0.0.17
ibmwebsphere_application_server
7.0.0.18
ibmwebsphere_application_server
7.0.0.19
ibmwebsphere_application_server
7.0.0.21
ibmwebsphere_application_server
7.0.0.22
ibmwebsphere_application_server
7.0.0.23
ibmwebsphere_application_server
7.0.0.24
ibmwebsphere_application_server
7.0.0.25
ibmwebsphere_application_server
7.0.0.27
ibmwebsphere_application_server
7.0.0.29
ibmwebsphere_application_server
8.0.0.0
ibmwebsphere_application_server
8.0.0.1
ibmwebsphere_application_server
8.0.0.2
ibmwebsphere_application_server
8.0.0.3
ibmwebsphere_application_server
8.0.0.4
ibmwebsphere_application_server
8.0.0.5
ibmwebsphere_application_server
8.0.0.6
ibmwebsphere_application_server
8.0.0.7
ibmwebsphere_application_server
8.5.0.0
ibmwebsphere_application_server
8.5.0.1
ibmwebsphere_application_server
8.5.0.2
ibmwebsphere_application_server
8.5.5.0
ibmwebsphere_application_server
8.5.5.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/102119
http://www-01.ibm.com/support/docview.wss?uid=swg1PM98132
http://www-01.ibm.com/support/docview.wss?uid=swg21661323
http://www-01.ibm.com/support/docview.wss?uid=swg21661325
http://www-01.ibm.com/support/docview.wss?uid=swg21669554
http://www.securityfocus.com/bid/65099
https://exchange.xforce.ibmcloud.com/vulnerabilities/89280
http://osvdb.org/102119
http://www-01.ibm.com/support/docview.wss?uid=swg1PM98132
http://www-01.ibm.com/support/docview.wss?uid=swg21661323
http://www-01.ibm.com/support/docview.wss?uid=swg21661325
http://www-01.ibm.com/support/docview.wss?uid=swg21669554
http://www.securityfocus.com/bid/65099
https://exchange.xforce.ibmcloud.com/vulnerabilities/89280