CVE-2014-3013

2014-06-1816:00:00

ibm

www.cve.org

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

36.6%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in IBM Curam Social Program Management 4.5 SP10 through 6.0.5.4 allow remote authenticated users to inject arbitrary web script or HTML via crafted input to a (1) custom JSP or (2) custom renderer.

References

secunia.com/advisories/59259

www-01.ibm.com/support/docview.wss?uid=swg21675415

exchange.xforce.ibmcloud.com/vulnerabilities/93011