Cross site scripting

2013-04-2311:47:00

PRIOn knowledge base

www.prio-n.com

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.8%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA Application Platform 2.x and 3.x before 3.3, and 8, allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) WebProcess.srv, (2) the html/en/default/ directory, (3) Widget/resource, (4) birt/frameset, or (5) ganttlib/gantt-jws.jnlp.

CPENameOperatorVersion
tririga_application_platformeq2.1
tririga_application_platformeq3.0
tririga_application_platformeq3.2.1
tririga_application_platformeq3.1
tririga_application_platformeq2.7
tririga_application_platformeq8.0
tririga_application_platformeq2.5
tririga_application_platformeq2.6
tririga_application_platformeq3.2

Name	Operator	Version
tririga_application_platform	eq	2.1
tririga_application_platform	eq	3.0
tririga_application_platform	eq	3.2.1
tririga_application_platform	eq	3.1
tririga_application_platform	eq	2.7
tririga_application_platform	eq	8.0
tririga_application_platform	eq	2.5
tririga_application_platform	eq	2.6
tririga_application_platform	eq	3.2