CVE-2013-4045

{"id": "CVE-2013-4045", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2013-12-21T14:22:56.677", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM95817", "source": "psirt@us.ibm.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21660191", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86421", "source": "psirt@us.ibm.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM95817", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21660191", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86421", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad cross-site scripting (XSS) en la aplicaci\u00f3n Portal de IBM SPS Collaboration and Deployment Services 4.2.1 anteriores a 4.2.1.3 IF3 y 5.0 anteriores a FP3 permite a atacantes remotos inyectar script web o HTML de forma arbitraria a trav\u00e9s de vectores no especificados."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92B33DCA-ADCC-4521-9B8D-4A407FB9608E"}, {"criteria": "cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FAA2C39D-902A-442F-AA6B-62BC8C380436"}, {"criteria": "cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D801CF8-F6A0-4E40-8011-AE8D5A2F5C0B"}, {"criteria": "cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFB0A724-CAC6-45E1-85D6-592BE4660695"}, {"criteria": "cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FA0641C-E2DB-4FDA-BD5F-51C7195D5389"}, {"criteria": "cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F050F5EC-1334-45FC-911D-75FB5B9C7244"}, {"criteria": "cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7CD574C3-DA32-4CD6-95DB-39F0CE663D6E"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}