Security Bulletin: IBM Enterprise Records Non-Persistent Cross-Site Scripting Vulnerability (CVE-2013-6314) and "Clickjacking" Vulnerability (CVE-2013-6315)
|
Información sobre el sistema
|
|
|
Software afectado |
IBM |
Descripción
|
A non-persitent Cross-Site Scripting (XSS) vulnerability and a "Clickjacking" (application running in a frame) vulnerability have been identified in the IBM Enterprise Records product CVE(s): CVE-2013-6314, and CVE-2013-6315 Affected product(s) and affected version(s): IBM InfoSphere Enterprise Records 4.5.1/IBM Enterprise Records 5.1.1. IBM Enterprise Records 5.1.2 is not affected. Refer to the following reference URLs for remediation and additional vulnerability details: Source
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_enterprise_records_non_persistent_cross_site_scripting_vulnerability_cve_2013_6314_and_clickjacking_vulnerability_cve_2013_6315?lang=en_us |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2013-6314 ,CVE-2013-6315 ,CVE-2013-5791 ,CVE-2013-5763 ,CVE-2013-5440 ,CVE-2013-5426 and CVE-2013-6717. |