← voltar
CVE-2010-0714

CVE-2010-0714

EPSS 3.5%
Cross-site scripting (XSS) vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to inject arbitrary web script or HTML via the query string.
Produtos afetados
n/a · n/a
PoCs públicas encontradas1
exploitdbwww.exploit-db.com/exploits/33675não verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://exchange.xforce.ibmcloud.com/vulnerabilities/56508http://www-01.ibm.com/support/docview.wss?uid=swg21421469http://www-1.ibm.com/support/docview.wss?uid=swg1PM03233http://www.hacktics.com/content/advisories/AdvIBM20100224.htmlhttp://www.securityfocus.com/archive/1/509744/100/0/threadedhttp://www.securityfocus.com/bid/38412http://www.securitytracker.com/id?1023660