CVE-2013-5462

IBM Content Navigator <2.0.1.2-ICN-FP002 - XSS

Title source: llm
STIX 2.1

Description

IBM/ECMClient/configure/explodedformat/navigator/header.jsp in IBM Content Navigator 2.0.0, 2.0.1 before 2.0.1.2-ICN-FP002, and 2.0.2 before 2.0.2.1-ICN-FP001 allows remote attackers to conduct clickjacking attacks via vectors involving FRAME elements.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1037704
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21660223
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/88358

Scores

EPSS 0.0180
EPSS Percentile 75.9%

Details

CWE
CWE-20
Status published
Products (3)
ibm/content_navigator 2.0.0
ibm/content_navigator 2.0.1
ibm/content_navigator 2.0.2
Published Dec 19, 2013
Tracked Since Feb 18, 2026