4.3
CVE-2013-0587
- EPSS 0.27%
- Veröffentlicht 16.08.2013 01:55:15
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle psirt@us.ibm.com
- Teams Watchlist Login
- Unerledigt Login
Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere Portal before 8.0.0.1 CF07 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Portal, (2) Portal 7.0.0.2, (3) Portal 8.0, or (4) PortalWeb2 theme.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Websphere Portal Updatecf06 Version <= 8.0.0.1
Ibm ≫ Websphere Portal Version5.1.0.0
Ibm ≫ Websphere Portal Version5.1.0.1
Ibm ≫ Websphere Portal Version5.1.0.2
Ibm ≫ Websphere Portal Version5.1.0.3
Ibm ≫ Websphere Portal Version5.1.0.4
Ibm ≫ Websphere Portal Version5.1.0.5
Ibm ≫ Websphere Portal Version6.0.0.0
Ibm ≫ Websphere Portal Version6.0.0.1
Ibm ≫ Websphere Portal Version6.0.0.2
Ibm ≫ Websphere Portal Version6.0.0.3
Ibm ≫ Websphere Portal Version6.0.0.4
Ibm ≫ Websphere Portal Version6.0.1.0
Ibm ≫ Websphere Portal Version6.0.1.1
Ibm ≫ Websphere Portal Version6.0.1.2
Ibm ≫ Websphere Portal Version6.0.1.3
Ibm ≫ Websphere Portal Version6.0.1.4
Ibm ≫ Websphere Portal Version6.0.1.5
Ibm ≫ Websphere Portal Version6.0.1.5 Updatewp6015_008_01
Ibm ≫ Websphere Portal Version6.0.1.6
Ibm ≫ Websphere Portal Version6.0.1.7
Ibm ≫ Websphere Portal Version6.1.0.0
Ibm ≫ Websphere Portal Version6.1.0.1
Ibm ≫ Websphere Portal Version6.1.0.2
Ibm ≫ Websphere Portal Version6.1.0.3
Ibm ≫ Websphere Portal Version6.1.5.0
Ibm ≫ Websphere Portal Version7.0.0.0
Ibm ≫ Websphere Portal Version7.0.0.0 Updatecf001
Ibm ≫ Websphere Portal Version7.0.0.1
Ibm ≫ Websphere Portal Version7.0.0.1 Updatecf002
Ibm ≫ Websphere Portal Version7.0.0.1 Updatecf003
Ibm ≫ Websphere Portal Version7.0.0.1 Updatecf004
Ibm ≫ Websphere Portal Version7.0.0.1 Updatecf005
Ibm ≫ Websphere Portal Version7.0.0.1 Updatecf006
Ibm ≫ Websphere Portal Version7.0.0.1 Updatecf007
Ibm ≫ Websphere Portal Version7.0.0.1 Updatecf008
Ibm ≫ Websphere Portal Version7.0.0.1 Updatecf009
Ibm ≫ Websphere Portal Version7.0.0.1 Updatecf010
Ibm ≫ Websphere Portal Version7.0.0.1 Updatecf019
Ibm ≫ Websphere Portal Version7.0.0.2
Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf011
Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf012
Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf013
Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf014
Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf015
Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf016
Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf017
Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf018
Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf019
Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf020
Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf021
Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf022
Ibm ≫ Websphere Portal Version8.0
Ibm ≫ Websphere Portal Version8.0.0.0
Ibm ≫ Websphere Portal Version8.0.0.0 Updatecf01
Ibm ≫ Websphere Portal Version8.0.0.0 Updatecf02
Ibm ≫ Websphere Portal Version8.0.0.0 Updatecf03
Ibm ≫ Websphere Portal Version8.0.0.0 Updatecf04
Ibm ≫ Websphere Portal Version8.0.0.0 Updatecf05
Ibm ≫ Websphere Portal Version8.0.0.1
Ibm ≫ Websphere Portal Version8.0.0.1 Updatecf04
Ibm ≫ Websphere Portal Version8.0.0.1 Updatecf05
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.27% | 0.471 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.