CVE-2013-4003 Information
Description
Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA Application Platform 2.x and 3.x before 3.3.1.1 and 8 allow remote authenticated users to inject arbitrary web script or HTML via (1) unspecified input to WebProcess.srv (2) unspecified input to html/en/default/actionHandler/queryHandler.jsp or (3) unspecified input in a portalSectionId action to html/en/default/reportTemplate/hGridTopQuery.jsp.
Reference
http://www-01.ibm.com/support/docview.wss?uid=swg21646694 https://exchange.xforce.ibmcloud.com/vulnerabilities/85266 https://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_tririga_application_platform_has_potential_cross_site_scripting_vulnerabilities_in_various_url_s https://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_tririga_application_platform_has_potential_cross_site_scripting_vulnerabilities_in_various_url_s
Share on: