Unrated severityNVD Advisory· Published May 2, 2013· Updated Jun 16, 2026
CVE-2013-0582
CVE-2013-0582
Description
Cross-site scripting (XSS) vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.12, 6.2.1 before 6.2.1.5, and 6.2.2 before 6.2.2.4 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.12 and 6.2.1 before 6.2.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL that triggers a SAML 2.0 response.
Affected products
29cpe:2.3:a:ibm:tivoli_federated_identity_manager:6.2.0:*:*:*:*:*:*:*+ 16 more
- cpe:2.3:a:ibm:tivoli_federated_identity_manager:6.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager:6.2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager:6.2.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager:6.2.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager:6.2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager:6.2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager:6.2.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager:6.2.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager:6.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager:6.2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager:6.2.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager:6.2.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager:6.2.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager:6.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager:6.2.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager:6.2.2.3:*:*:*:*:*:*:*
- (no CPE)range: <6.2.0.12, <6.2.1.5, <6.2.2.4
cpe:2.3:a:ibm:tivoli_federated_identity_manager_business_gateway:6.2.0:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:ibm:tivoli_federated_identity_manager_business_gateway:6.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager_business_gateway:6.2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager_business_gateway:6.2.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager_business_gateway:6.2.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager_business_gateway:6.2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager_business_gateway:6.2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager_business_gateway:6.2.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager_business_gateway:6.2.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager_business_gateway:6.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager_business_gateway:6.2.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_federated_identity_manager_business_gateway:6.2.1.4:*:*:*:*:*:*:*
- (no CPE)range: <6.2.0.12, <6.2.1.5
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.