Vulnerability Description
Cross-site scripting (XSS) vulnerability in IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before FP41, and 9.2.0 before FP13 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Sterling Multi-Channel Fulfillment Solution | 8.0 |
| Ibm | Sterling Selling And Fulfillment Foundation | 8.5 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC90858
- http://www-01.ibm.com/support/docview.wss?uid=swg21631302Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82341
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC90858
- http://www-01.ibm.com/support/docview.wss?uid=swg21631302Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82341
FAQ
What is CVE-2013-0506?
CVE-2013-0506 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before FP41, and 9.2.0 before FP13 allows remote authenticated users...
How severe is CVE-2013-0506?
CVE-2013-0506 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-0506?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Sterling Multi-Channel Fulfillment Solution, Ibm Sterling Selling And Fulfillment Foundation.