← back
CVE-2008-5228

CVE-2008-5228

EPSS 1.2%
Cross-site scripting (XSS) vulnerability in IBM Workplace Content Management (WCM) 6.0G and 6.1 before CF8, when a Page Navigation Component shows menu entries, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in the URI, related to parameters "not being encoded."
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/32763https://exchange.xforce.ibmcloud.com/vulnerabilities/46749http://www-01.ibm.com/support/docview.wss?uid=swg1PK73108http://www-01.ibm.com/support/docview.wss?uid=swg1PK73933http://www.securityfocus.com/bid/32408http://www.vupen.com/english/advisories/2008/3234