CVE-2010-0778

Properties

Published:
23.06.2010
Updated:
26.06.2010
Patch available:
Severity:
Medium
CVSS vector:
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Product:
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server
ibm: websphere_application_server

Vulnerability description

Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.33 and 7.0 before 7.0.0.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References:

XF:http://xforce.iss.net/xforce/xfdb/59646