Cross site scripting

2013-11-1805:23:00

PRIOn knowledge base

www.prio-n.com

5.9 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.2%

JSON

Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1 allows remote attackers to inject arbitrary web script or HTML via HTTP response data.

CPENameOperatorVersion
websphere_application_servereq7.0.0.14
websphere_application_servereq8.5.0.2
websphere_application_servereq7.0.0.12
websphere_application_servereq7.0.0.2
websphere_application_servereq7.0.0.24
websphere_application_servereq7.0.0.25
websphere_application_servereq7.0.0.5
websphere_application_servereq7.0.0.18
websphere_application_servereq8.0.0.5
websphere_application_servereq7.0.0.15

Name	Operator	Version
websphere_application_server	eq	7.0.0.14
websphere_application_server	eq	8.5.0.2
websphere_application_server	eq	7.0.0.12
websphere_application_server	eq	7.0.0.2
websphere_application_server	eq	7.0.0.24
websphere_application_server	eq	7.0.0.25
websphere_application_server	eq	7.0.0.5
websphere_application_server	eq	7.0.0.18
websphere_application_server	eq	8.0.0.5
websphere_application_server	eq	7.0.0.15