CVE-2013-6738
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.
View on NVDSeverity
N/A
EPSS
Probability of exploitation (next 30 days): 0.0048 (0.5%)
Percentile: 65.1%
EPSS: 2026-05-06
Affects
ibm:smartcloud_analytics_log_analysisTechnical description
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.
Published: 4/24/2014, 10:55:02 AM
Last modified: 5/6/2026, 10:30:45 PM
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV57425
- http://www-01.ibm.com/support/docview.wss?uid=swg21669137
- http://www-01.ibm.com/support/docview.wss?uid=swg21669554
- http://www-01.ibm.com/support/docview.wss?uid=swg21676091
- http://www-01.ibm.com/support/docview.wss?uid=swg21676092
- http://www.securityfocus.com/bid/67051
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89854
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV57425