CVE-2013-0464

MEDIUM

Description

Multiple cross-site scripting (XSS) vulnerabilities in IBM Eclipse Help System (IEHS) 3.4.3 and 3.6.2, as used in IBM SPSS Data Collection 6.0, 6.0.1, and 7.0, allow remote attackers to inject arbitrary web script or HTML via a crafted URL.

References

http://secunia.com/advisories/54971

http://secunia.com/advisories/55115

http://www.securityfocus.com/bid/60246

http://www-01.ibm.com/support/docview.wss?uid=swg21637954

https://exchange.xforce.ibmcloud.com/vulnerabilities/81060

Details

Source: MITRE

Published: 2013-06-03

Updated: 2017-08-29

Type: CWE-79

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM