Cross-site scripting (XSS) vulnerability in IBM Document Connect for Application Support Facility (aka DC4ASF) before 1.0.0.1218 in Application Support Facility (ASF) 3.4 for z/OS on Windows, Linux, and AIX allows remote authenticated users to inject content, and conduct phishing attacks, via unspecified vectors.
References
Link | Resource |
---|---|
http://www-01.ibm.com/support/docview.wss?uid=swg21635328 | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/83247 |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2013-04-27 03:16
Updated : 2024-02-04 18:16
NVD link : CVE-2013-0572
Mitre link : CVE-2013-0572
CVE.ORG link : CVE-2013-0572
JSON object : View
Products Affected
ibm
- application_support_facility
- document_connect_for_application_support_facility
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')