CVSS: 3.5EPSS: 0%CPEs: 4EXPL: 0CVE-2013-5390
https://notcve.org/view.php?id=CVE-2013-5390
Cross-site scripting (XSS) vulnerability in the monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en la consola de monitorización en IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, y 8.6.0 permite a atacantes remotos sin autenticar inyectar script web arbitrario o HTML a través de vectores sin especificar. • http://www-01.ibm.com/support/docview.wss?uid=swg1PM97439 http://www-01.ibm.com/support/docview.wss?uid=swg21652630 https://exchange.xforce.ibmcloud.com/vulnerabilities/87126 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2013-5393
https://notcve.org/view.php?id=CVE-2013-5393
The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors. La consola de monitorización en IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, y 8.6.0 no procesa adecuadamente acciones de cierre de sesión, lo que tiene un impacto desconocido y vectores de ataque remotos. • http://www-01.ibm.com/support/docview.wss?uid=swg1PM97439 http://www-01.ibm.com/support/docview.wss?uid=swg21652630 https://exchange.xforce.ibmcloud.com/vulnerabilities/87153 •