CVE-2013-0572

IBM Document Connect <1.0.0.1218 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in IBM Document Connect for Application Support Facility (aka DC4ASF) before 1.0.0.1218 in Application Support Facility (ASF) 3.4 for z/OS on Windows, Linux, and AIX allows remote authenticated users to inject content, and conduct phishing attacks, via unspecified vectors.

References (2)

[Vendor Advisory] http://www-01.ibm.com/support/docview.wss?uid=swg21635328

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/83247

Scores

EPSS 0.0015

EPSS Percentile 34.8%

Details

CWE

CWE-79

Status published

Products (6)

ibm/application_support_facility

ibm/document_connect_for_application_support_facility < 1.0.0.1204

n/a/n/a

Published Apr 27, 2013

Tracked Since Feb 18, 2026