Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, leading to improper interaction with the Windows MHTML protocol handler.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Sterling B2B Integrator | 5.2 |
| Ibm | Sterling File Gateway | 2.2 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC96055
- http://www-01.ibm.com/support/docview.wss?uid=swg21657539Vendor Advisory
- http://www.securityfocus.com/bid/64446
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87355
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC96055
- http://www-01.ibm.com/support/docview.wss?uid=swg21657539Vendor Advisory
- http://www.securityfocus.com/bid/64446
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87355
FAQ
What is CVE-2013-5406?
CVE-2013-5406 is a vulnerability with a CVSS score of 3.5 (LOW). Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to inject arbitrary web script or HTML via unspeci...
How severe is CVE-2013-5406?
CVE-2013-5406 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-5406?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Sterling B2B Integrator, Ibm Sterling File Gateway.