CVE-2013-0572
Severity CVSS v4.0:
Pending analysis
Type:
CWE-79
Cross-Site Scripting (XSS)
Publication date:
27/04/2013
Last modified:
11/04/2025
Description
Cross-site scripting (XSS) vulnerability in IBM Document Connect for Application Support Facility (aka DC4ASF) before 1.0.0.1218 in Application Support Facility (ASF) 3.4 for z/OS on Windows, Linux, and AIX allows remote authenticated users to inject content, and conduct phishing attacks, via unspecified vectors.
Impact
Base Score 2.0
2.30
Severity 2.0
LOW
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:ibm:application_support_facility:3.4.0:-:*:*:*:aix:*:* | ||
cpe:2.3:a:ibm:application_support_facility:3.4.0:-:*:*:*:linux_kernel:*:* | ||
cpe:2.3:a:ibm:application_support_facility:3.4.0:-:*:*:*:windows:*:* | ||
cpe:2.3:a:ibm:application_support_facility:3.4.0:-:*:*:*:z\/os:*:* | ||
cpe:2.3:a:ibm:document_connect_for_application_support_facility:*:*:*:*:*:*:*:* | 1.0.0.1204 (including) |
To consult the complete list of CPE names with products and versions, see this page