Summary
The host is running IBM WebSphere Application Server and is prone to Cross-site Scripting vulnerability.
Impact
Successful exploitation will let attackers to conduct Cross-site scripting attacks.
Impact Level: Application
Solution
Upgrade to IBM WAS version 6.0.2.43, 6.1.0.33 or 7.0.0.11, For updates refer to http://www.ibm.com/developerworks/downloads/ws/was/
Insight
The flaw is due to an error in the Administration Console, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected
IBM WAS Version 6.0 before 6.0.2.43, 6.1 before 6.1.0.33 and 7.0 before 7.0.0.11
References
Severity
Classification
-
CVE CVE-2010-0778, CVE-2010-0779 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities