CVE-2007-5944

2007-11-13T20:46:00
ID CVE-2007-5944
Type cve
Reporter NVD
Modified 2011-03-07T22:01:32

Description

Cross-site scripting (XSS) vulnerability in Servlet Engine / Web Container in IBM WebSphere Application Server (WAS) 5.1.1.4 through 5.1.1.16 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header. NOTE: this might be the same issue as CVE-2006-3918, but there are insufficient details to be sure.