VIR Vulnerability Intelligence Relay

CVE-2013-0572

low
Published 2013-04-27 · Modified 2026-04-29
CVSS v3
VIR risk
2.3

Description

Cross-site scripting (XSS) vulnerability in IBM Document Connect for Application Support Facility (aka DC4ASF) before 1.0.0.1218 in Application Support Facility (ASF) 3.4 for z/OS on Windows, Linux, and AIX allows remote authenticated users to inject content, and conduct phishing attacks, via unspecified vectors.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

Application impact
VendorProductVersionsFixed
ibm ibmapplication_support_facility3.4.0
ibm ibmdocument_connect_for_application_support_facility{"endIncluding":"1.0.0.1204"}

References

CWEs

CWE-79

💬 Discuss CVE-2013-0572 on VIR Community →

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.