Search criteria

6 vulnerabilities found for social_media_analytics by ibm

FKIE_CVE-2014-8917

Vulnerability from fkie_nvd - Published: 2015-01-28 22:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in (1) dojox/form/resources/uploader.swf (aka upload.swf), (2) dojox/form/resources/fileuploader.swf (aka fileupload.swf), (3) dojox/av/resources/audio.swf, and (4) dojox/av/resources/video.swf in the IBM Dojo Toolkit, as used in IBM Social Media Analytics 1.3 before IF11 and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
psirt@us.ibm.comhttp://secunia.com/advisories/62590
psirt@us.ibm.comhttp://secunia.com/advisories/62837
psirt@us.ibm.comhttp://www-01.ibm.com/support/docview.wss?uid=swg21694693Patch, Vendor Advisory
psirt@us.ibm.comhttp://www-01.ibm.com/support/docview.wss?uid=swg21696013Vendor Advisory
psirt@us.ibm.comhttp://www.securityfocus.com/bid/72903
psirt@us.ibm.comhttp://www.securitytracker.com/id/1032376
psirt@us.ibm.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/99303
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/62590
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/62837
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21694693Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21696013Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/72903
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032376
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/99303
Impacted products
Vendor Product Version
ibm social_media_analytics *
ibm financial_transaction_manager 2.0.0.0
ibm financial_transaction_manager 2.0.0.1
ibm financial_transaction_manager 2.0.0.2
ibm financial_transaction_manager 2.0.0.3
ibm financial_transaction_manager 2.1.0.0
ibm financial_transaction_manager 2.1.0.1
ibm financial_transaction_manager 2.1.0.2
ibm financial_transaction_manager 2.1.1.0
ibm financial_transaction_manager 2.1.1.1
ibm financial_transaction_manager 3.0.0.0
ibm financial_transaction_manager_for_check_services 2.1.1.8
ibm financial_transaction_manager_for_corporate_payment_services 2.1.1.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:social_media_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CE0E0AB-2001-43EC-8567-F43FC86E891E",
              "versionEndIncluding": "1.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:financial_transaction_manager:2.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE1B7481-D995-46AA-9761-481625A8E6CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:financial_transaction_manager:2.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DE18A8-618E-458A-B540-1691D822997E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:financial_transaction_manager:2.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1273B643-91DC-48D7-A42B-449E7A2EA986",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:financial_transaction_manager:2.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "707B2AEE-74AD-48EE-8382-1193A4F858BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:financial_transaction_manager:2.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BA04226-260E-4048-BB02-19226DC2360B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:financial_transaction_manager:2.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "240A1A0D-6967-4DE5-A92C-E9A6DC401E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:financial_transaction_manager:2.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6516D058-8F4E-464C-A552-C04E0427AD8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:financial_transaction_manager:2.1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "540CB2B6-7A52-46E0-BB86-CB696D2D5722",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:financial_transaction_manager:2.1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "846CE234-EAB3-4D8A-894F-F97A1EDF4A8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:financial_transaction_manager:3.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD984921-7567-4A54-B23C-40D5250114DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:financial_transaction_manager_for_check_services:2.1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FB0BED1-F7B6-4F97-9A93-BE81AA05C8C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:financial_transaction_manager_for_corporate_payment_services:2.1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C24501FA-B465-4209-B929-97BF90521B7A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple cross-site scripting (XSS) vulnerabilities in (1) dojox/form/resources/uploader.swf (aka upload.swf), (2) dojox/form/resources/fileuploader.swf (aka fileupload.swf), (3) dojox/av/resources/audio.swf, and (4) dojox/av/resources/video.swf in the IBM Dojo Toolkit, as used in IBM Social Media Analytics 1.3 before IF11 and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de XSS en (1) dojox/form/resources/uploader.swf (tambi\u00e9n conocido como upload.swf), (2) dojox/form/resources/fileuploader.swf (tambi\u00e9n conocido como fileupload.swf), (3) dojox/av/resources/audio.swf, y (4) dojox/av/resources/video.swf en el juego de herramientas de IBM Dojo, utilizado en IBM Social Media Analytics 1.3 anterior a IF11 y otros productos, permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2014-8917",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2015-01-28T22:59:00.047",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "url": "http://secunia.com/advisories/62590"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://secunia.com/advisories/62837"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21694693"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696013"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securityfocus.com/bid/72903"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securitytracker.com/id/1032376"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99303"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/62590"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/62837"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21694693"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696013"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/72903"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1032376"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99303"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2013-3999

Vulnerability from fkie_nvd - Published: 2013-07-25 11:59 - Updated: 2025-04-11 00:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in IBM Social Media Analytics 1.2 before FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
psirt@us.ibm.comhttp://www-01.ibm.com/support/docview.wss?uid=swg21644427Vendor Advisory
psirt@us.ibm.comhttp://www-01.ibm.com/support/docview.wss?uid=swg24034591Vendor Advisory
psirt@us.ibm.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/85253
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21644427Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg24034591Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/85253
Impacted products
Vendor Product Version
ibm social_media_analytics 1.2.0.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:social_media_analytics:1.2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0280FEE7-731E-4FE1-9891-8D4268B482EE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in IBM Social Media Analytics 1.2 before FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en IBM Social Media Analytics v1.2 anteriores a FP1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias mediante vectores no especificados."
    }
  ],
  "id": "CVE-2013-3999",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-07-25T11:59:07.447",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644427"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034591"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85253"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644427"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034591"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85253"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2014-8917 (GCVE-0-2014-8917)

Vulnerability from cvelistv5 – Published: 2015-01-28 22:00 – Updated: 2024-08-06 13:33
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in (1) dojox/form/resources/uploader.swf (aka upload.swf), (2) dojox/form/resources/fileuploader.swf (aka fileupload.swf), (3) dojox/av/resources/audio.swf, and (4) dojox/av/resources/video.swf in the IBM Dojo Toolkit, as used in IBM Social Media Analytics 1.3 before IF11 and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
ibm
References
http://secunia.com/advisories/62590 third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://secunia.com/advisories/62837 third-party-advisoryx_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg… x_refsource_CONFIRM
http://www.securitytracker.com/id/1032376 vdb-entryx_refsource_SECTRACK
http://www-01.ibm.com/support/docview.wss?uid=swg… x_refsource_CONFIRM
http://www.securityfocus.com/bid/72903 vdb-entryx_refsource_BID
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:33:12.610Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "62590",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62590"
          },
          {
            "name": "ibm-dojo-cve20148917-xss(99303)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99303"
          },
          {
            "name": "62837",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62837"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696013"
          },
          {
            "name": "1032376",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032376"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21694693"
          },
          {
            "name": "72903",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/72903"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-01-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple cross-site scripting (XSS) vulnerabilities in (1) dojox/form/resources/uploader.swf (aka upload.swf), (2) dojox/form/resources/fileuploader.swf (aka fileupload.swf), (3) dojox/av/resources/audio.swf, and (4) dojox/av/resources/video.swf in the IBM Dojo Toolkit, as used in IBM Social Media Analytics 1.3 before IF11 and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-07T15:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "62590",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62590"
        },
        {
          "name": "ibm-dojo-cve20148917-xss(99303)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99303"
        },
        {
          "name": "62837",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62837"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696013"
        },
        {
          "name": "1032376",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032376"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21694693"
        },
        {
          "name": "72903",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/72903"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2014-8917",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in (1) dojox/form/resources/uploader.swf (aka upload.swf), (2) dojox/form/resources/fileuploader.swf (aka fileupload.swf), (3) dojox/av/resources/audio.swf, and (4) dojox/av/resources/video.swf in the IBM Dojo Toolkit, as used in IBM Social Media Analytics 1.3 before IF11 and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "62590",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62590"
            },
            {
              "name": "ibm-dojo-cve20148917-xss(99303)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99303"
            },
            {
              "name": "62837",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62837"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21696013",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696013"
            },
            {
              "name": "1032376",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032376"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21694693",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21694693"
            },
            {
              "name": "72903",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/72903"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2014-8917",
    "datePublished": "2015-01-28T22:00:00",
    "dateReserved": "2014-11-14T00:00:00",
    "dateUpdated": "2024-08-06T13:33:12.610Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-3999 (GCVE-0-2013-3999)

Vulnerability from cvelistv5 – Published: 2013-07-24 14:00 – Updated: 2024-08-06 16:30
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in IBM Social Media Analytics 1.2 before FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
ibm
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:30:49.165Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644427"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034591"
          },
          {
            "name": "smanalytics-cve20133999-xss(85253)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85253"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-07-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in IBM Social Media Analytics 1.2 before FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644427"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034591"
        },
        {
          "name": "smanalytics-cve20133999-xss(85253)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85253"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-3999",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in IBM Social Media Analytics 1.2 before FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21644427",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644427"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24034591",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034591"
            },
            {
              "name": "smanalytics-cve20133999-xss(85253)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85253"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-3999",
    "datePublished": "2013-07-24T14:00:00",
    "dateReserved": "2013-06-07T00:00:00",
    "dateUpdated": "2024-08-06T16:30:49.165Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-8917 (GCVE-0-2014-8917)

Vulnerability from nvd – Published: 2015-01-28 22:00 – Updated: 2024-08-06 13:33
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in (1) dojox/form/resources/uploader.swf (aka upload.swf), (2) dojox/form/resources/fileuploader.swf (aka fileupload.swf), (3) dojox/av/resources/audio.swf, and (4) dojox/av/resources/video.swf in the IBM Dojo Toolkit, as used in IBM Social Media Analytics 1.3 before IF11 and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
ibm
References
http://secunia.com/advisories/62590 third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://secunia.com/advisories/62837 third-party-advisoryx_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg… x_refsource_CONFIRM
http://www.securitytracker.com/id/1032376 vdb-entryx_refsource_SECTRACK
http://www-01.ibm.com/support/docview.wss?uid=swg… x_refsource_CONFIRM
http://www.securityfocus.com/bid/72903 vdb-entryx_refsource_BID
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:33:12.610Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "62590",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62590"
          },
          {
            "name": "ibm-dojo-cve20148917-xss(99303)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99303"
          },
          {
            "name": "62837",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62837"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696013"
          },
          {
            "name": "1032376",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032376"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21694693"
          },
          {
            "name": "72903",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/72903"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-01-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple cross-site scripting (XSS) vulnerabilities in (1) dojox/form/resources/uploader.swf (aka upload.swf), (2) dojox/form/resources/fileuploader.swf (aka fileupload.swf), (3) dojox/av/resources/audio.swf, and (4) dojox/av/resources/video.swf in the IBM Dojo Toolkit, as used in IBM Social Media Analytics 1.3 before IF11 and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-07T15:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "62590",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62590"
        },
        {
          "name": "ibm-dojo-cve20148917-xss(99303)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99303"
        },
        {
          "name": "62837",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62837"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696013"
        },
        {
          "name": "1032376",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032376"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21694693"
        },
        {
          "name": "72903",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/72903"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2014-8917",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in (1) dojox/form/resources/uploader.swf (aka upload.swf), (2) dojox/form/resources/fileuploader.swf (aka fileupload.swf), (3) dojox/av/resources/audio.swf, and (4) dojox/av/resources/video.swf in the IBM Dojo Toolkit, as used in IBM Social Media Analytics 1.3 before IF11 and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "62590",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62590"
            },
            {
              "name": "ibm-dojo-cve20148917-xss(99303)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99303"
            },
            {
              "name": "62837",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62837"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21696013",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696013"
            },
            {
              "name": "1032376",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032376"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21694693",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21694693"
            },
            {
              "name": "72903",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/72903"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2014-8917",
    "datePublished": "2015-01-28T22:00:00",
    "dateReserved": "2014-11-14T00:00:00",
    "dateUpdated": "2024-08-06T13:33:12.610Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-3999 (GCVE-0-2013-3999)

Vulnerability from nvd – Published: 2013-07-24 14:00 – Updated: 2024-08-06 16:30
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in IBM Social Media Analytics 1.2 before FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
ibm
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:30:49.165Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644427"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034591"
          },
          {
            "name": "smanalytics-cve20133999-xss(85253)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85253"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-07-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in IBM Social Media Analytics 1.2 before FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644427"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034591"
        },
        {
          "name": "smanalytics-cve20133999-xss(85253)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85253"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-3999",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in IBM Social Media Analytics 1.2 before FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21644427",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644427"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24034591",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034591"
            },
            {
              "name": "smanalytics-cve20133999-xss(85253)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85253"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-3999",
    "datePublished": "2013-07-24T14:00:00",
    "dateReserved": "2013-06-07T00:00:00",
    "dateUpdated": "2024-08-06T16:30:49.165Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}