CVE-2013-0587

medium

Description

Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere Portal before 8.0.0.1 CF07 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Portal, (2) Portal 7.0.0.2, (3) Portal 8.0, or (4) PortalWeb2 theme.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/84345

http://www-01.ibm.com/support/docview.wss?uid=swg21646618

http://www-01.ibm.com/support/docview.wss?uid=swg1PM90118

Details

Source: Mitre, NVD

Published: 2013-08-16

Updated: 2017-08-29

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium