Описание
Multiple cross-site scripting (XSS) vulnerabilities in the JSF Widget Library Runtime in IBM Rational Application Developer for WebSphere Software before 7.0.0.10 and Rational Software Architect before 7.0.0.10 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) the JSF Tree Control and (2) the JavaScript Resource Servlet.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Patch
- Patch
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Patch
- Patch
Уязвимые конфигурации
Одно из
EPSS
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
Multiple cross-site scripting (XSS) vulnerabilities in the JSF Widget Library Runtime in IBM Rational Application Developer for WebSphere Software before 7.0.0.10 and Rational Software Architect before 7.0.0.10 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) the JSF Tree Control and (2) the JavaScript Resource Servlet.
EPSS
4.3 Medium
CVSS2