Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in the help pages in Web\Content\Help\ in the Web Client in IBM Cognos Command Center (aka Star Command Center or Star Analytics) before 10.1, when Internet Explorer is used, allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Star Command Center | 1.6.1 |
| Microsoft | Internet Explorer | - |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/54286
- http://www-01.ibm.com/support/docview.wss?uid=swg21643067Vendor Advisory
- http://www.securityfocus.com/bid/61419
- http://www.securitytracker.com/id/1028829
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84904
- http://secunia.com/advisories/54286
- http://www-01.ibm.com/support/docview.wss?uid=swg21643067Vendor Advisory
- http://www.securityfocus.com/bid/61419
- http://www.securitytracker.com/id/1028829
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84904
FAQ
What is CVE-2013-3979?
CVE-2013-3979 is a vulnerability with a CVSS score of 3.5 (LOW). Multiple cross-site scripting (XSS) vulnerabilities in the help pages in Web\Content\Help\ in the Web Client in IBM Cognos Command Center (aka Star Command Center or Star Analytics) before 10.1, when ...
How severe is CVE-2013-3979?
CVE-2013-3979 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-3979?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Star Command Center, Microsoft Internet Explorer.