CVE-2013-0571

IBM Document Connect <1.0.0.1218 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in IBM Document Connect for Application Support Facility (aka DC4ASF) before 1.0.0.1218 in Application Support Facility (ASF) 3.4 for z/OS on Windows, Linux, and AIX allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

References (2)

[Vendor Advisory] http://www-01.ibm.com/support/docview.wss?uid=swg21635328

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/83246

Scores

EPSS 0.0019

EPSS Percentile 40.9%

Details

CWE

CWE-79

Status published

Products (6)

ibm/application_support_facility

ibm/document_connect_for_application_support_facility < 1.0.0.1204

n/a/n/a

Published Apr 27, 2013

Tracked Since Feb 18, 2026