IBM WebSphere Application Server IVT Cross Site Scripting Vulnerability Network Vulnerability

Summary

The host is running IBM WebSphere Application Server and is prone to cross site scripting vulnerability.

Impact

Successful exploitation will let attackers to conduct cross-site scripting attacks. Impact Level: Application

Solution

Upgrade to version 6.1.0.41 or 7.0.0.19 or later, For updates refer to http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg24031034

Insight

The flaw is due to an error in Installation Verification Test (IVT) application in the Install component, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected

IBM WebSphere Application Server (WAS) version 6.1 before 6.1.0.41 IBM WebSphere Application Server (WAS) version 7.0 before 7.0.0.19

References

http://xforce.iss.net/xforce/xfdb/69731

Updated on 2017-03-28

Severity

Classification

CVE CVE-2011-1362

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

JBoss Enterprise Application Platform Multiple Vulnerabilities
Cherokee Terminal Escape Sequence in Logs Command Injection Vulnerability
iWeb Server URL Directory Traversal Vulnerability
IBM WebSphere Application Server (WAS) Multiple Vulnerabilities 01 - March 2011
Apache Tomcat Session Fixation Vulnerability (Windows)

Take action and discover your vulnerabilities