CVE-2013-5376

IBM Storwize V7000 Unified <1.4.2.0 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.2.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, related to a "cross frame scripting" attack against an administrative user.

References (2)

[Vendor Advisory] http://www.ibm.com/support/docview.wss?uid=ssg1S1004452

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/86902

Scores

EPSS 0.0024

EPSS Percentile 46.3%

Details

CWE

CWE-79

Status published

Products (9)

ibm/storwize_v7000_unified_software

ibm/storwize_v7000_unified

n/a/n/a

Published Oct 17, 2013

Tracked Since Feb 18, 2026