exploitDog

CVE-2010-0704

Опубликовано: 25 фев. 2010

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in the Portlet Palette in IBM WebSphere Portal 6.0.1.5 wp6015_008_01 allows remote attackers to inject arbitrary web script or HTML via the search field.

Ссылки

http://secunia.com/advisories/38574
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1PM05829
Vendor Advisory
http://secunia.com/advisories/38574
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1PM05829
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:websphere_portal:6.0.1.5:wp6015_008_01:*:*:*:*:*:*

EPSS

Процентиль: 45%

0.00223

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-r77g-m785-86fv

github

почти 4 года назад

Cross-site scripting (XSS) vulnerability in the Portlet Palette in IBM WebSphere Portal 6.0.1.5 wp6015_008_01 allows remote attackers to inject arbitrary web script or HTML via the search field.

EPSS

Процентиль: 45%

0.00223

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79