CVE-2013-0464

medium

Description

Multiple cross-site scripting (XSS) vulnerabilities in IBM Eclipse Help System (IEHS) 3.4.3 and 3.6.2, as used in IBM SPSS Data Collection 6.0, 6.0.1, and 7.0, allow remote attackers to inject arbitrary web script or HTML via a crafted URL.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/81060

http://www.securityfocus.com/bid/60246

http://www-01.ibm.com/support/docview.wss?uid=swg21637954

http://secunia.com/advisories/55115

http://secunia.com/advisories/54971

Details

Source: Mitre, NVD

Published: 2013-06-03

Updated: 2017-08-29

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium