What is the severity of CVE-2013-0596?

CVE-2013-0596 is a high-severity vulnerability that allows remote attackers to inject arbitrary web script or HTML.

How can I mitigate the risks associated with CVE-2013-0596?

To mitigate CVE-2013-0596, upgrade to IBM WebSphere Application Server version 6.1.0.47 or later.

What versions of IBM WebSphere Application Server are affected by CVE-2013-0596?

CVE-2013-0596 affects all versions of IBM WebSphere Application Server 6.1 prior to 6.1.0.47.

Can I apply a patch to address CVE-2013-0596?

IBM has released a fix in version 6.1.0.47, hence applying this update resolves CVE-2013-0596.

Is user interaction required to exploit CVE-2013-0596?

No, CVE-2013-0596 can be exploited by remote attackers without the need for user interaction.

Vulnerability/
CVE-2013-0596

medium

4.3

CWE

20/9/2013

6/8/2024

CVE-2013-0596: XSS

First published: Fri Sep 20 2013(Updated: )

Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM WebSphere Application Server Feature Pack for Web Services	=6.1
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.0
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.1
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.2
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.3
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.5
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.7
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.9
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.11
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.12
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.13
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.14
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.15
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.17
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.19
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.21
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.23
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.25
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.27
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.29
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.31
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.33
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.35
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.37
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.39
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.41
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.43
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.45

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-0596?
CVE-2013-0596 is a high-severity vulnerability that allows remote attackers to inject arbitrary web script or HTML.
How can I mitigate the risks associated with CVE-2013-0596?
To mitigate CVE-2013-0596, upgrade to IBM WebSphere Application Server version 6.1.0.47 or later.
What versions of IBM WebSphere Application Server are affected by CVE-2013-0596?
CVE-2013-0596 affects all versions of IBM WebSphere Application Server 6.1 prior to 6.1.0.47.
Can I apply a patch to address CVE-2013-0596?
IBM has released a fix in version 6.1.0.47, hence applying this update resolves CVE-2013-0596.
Is user interaction required to exploit CVE-2013-0596?
No, CVE-2013-0596 can be exploited by remote attackers without the need for user interaction.

agent/type
collector/mitre-cve
source/MITRE
agent/references
agent/author
agent/severity
agent/last-modified-date
agent/description
agent/event
agent/first-publish-date
agent/source
agent/weakness
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm websphere application server feature pack for web services
version/ibm websphere application server feature pack for web services/6.1
version/ibm websphere application server feature pack for web services/6.1.0
version/ibm websphere application server feature pack for web services/6.1.0.0
version/ibm websphere application server feature pack for web services/6.1.0.1
version/ibm websphere application server feature pack for web services/6.1.0.2
version/ibm websphere application server feature pack for web services/6.1.0.3
version/ibm websphere application server feature pack for web services/6.1.0.5
version/ibm websphere application server feature pack for web services/6.1.0.7
version/ibm websphere application server feature pack for web services/6.1.0.9
version/ibm websphere application server feature pack for web services/6.1.0.11
version/ibm websphere application server feature pack for web services/6.1.0.12
version/ibm websphere application server feature pack for web services/6.1.0.13
version/ibm websphere application server feature pack for web services/6.1.0.14
version/ibm websphere application server feature pack for web services/6.1.0.15
version/ibm websphere application server feature pack for web services/6.1.0.17
version/ibm websphere application server feature pack for web services/6.1.0.19
version/ibm websphere application server feature pack for web services/6.1.0.21
version/ibm websphere application server feature pack for web services/6.1.0.23
version/ibm websphere application server feature pack for web services/6.1.0.25
version/ibm websphere application server feature pack for web services/6.1.0.27
version/ibm websphere application server feature pack for web services/6.1.0.29
version/ibm websphere application server feature pack for web services/6.1.0.31
version/ibm websphere application server feature pack for web services/6.1.0.33
version/ibm websphere application server feature pack for web services/6.1.0.35
version/ibm websphere application server feature pack for web services/6.1.0.37
version/ibm websphere application server feature pack for web services/6.1.0.39
version/ibm websphere application server feature pack for web services/6.1.0.41
version/ibm websphere application server feature pack for web services/6.1.0.43
version/ibm websphere application server feature pack for web services/6.1.0.45