CVE-2009-3745

Опубликовано: 22 окт. 2009

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in the help pages in IBM Rational AppScan Enterprise Edition 5.5.0.2 allows remote attackers to inject arbitrary web script or HTML via the query string.

Ссылки

http://secunia.com/advisories/37093
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1PK97516
Exploit
http://www-01.ibm.com/support/docview.wss?uid=swg24024704
Patch
http://www.securityfocus.com/bid/36734
http://www.vupen.com/english/advisories/2009/2974
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/53821
http://secunia.com/advisories/37093
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1PK97516
Exploit
http://www-01.ibm.com/support/docview.wss?uid=swg24024704
Patch
http://www.securityfocus.com/bid/36734
http://www.vupen.com/english/advisories/2009/2974
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/53821

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:rational_appscan:5.5.0.2:*:enterprise:*:*:*:*:*

EPSS

Процентиль: 64%

0.00463

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-cv7m-77hj-cr43

github

почти 4 года назад