CVE-2013-4003

IBM Tririga Application Platform < 3.3.0.1 - XSS

Title source: rule

Description

Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA Application Platform 2.x and 3.x before 3.3.1.1, and 8, allow remote authenticated users to inject arbitrary web script or HTML via (1) unspecified input to WebProcess.srv, (2) unspecified input to html/en/default/actionHandler/queryHandler.jsp, or (3) unspecified input in a portalSectionId action to html/en/default/reportTemplate/hGridTopQuery.jsp.

References (3)

Scores

EPSS 0.0019
EPSS Percentile 40.4%

Details

CWE
CWE-79
Status published
Products (11)
ibm/tririga_application_platform < 3.3.0.1
ibm/tririga_application_platform
ibm/tririga_application_platform
ibm/tririga_application_platform
ibm/tririga_application_platform
ibm/tririga_application_platform
ibm/tririga_application_platform
ibm/tririga_application_platform
ibm/tririga_application_platform
ibm/tririga_application_platform
... and 1 more
Published Aug 29, 2013
Tracked Since Feb 18, 2026