CVE-2008-5228

2008-11-25T18:30:00
ID CVE-2008-5228
Type cve
Reporter NVD
Modified 2017-08-07T21:33:11

Description

Cross-site scripting (XSS) vulnerability in IBM Workplace Content Management (WCM) 6.0G and 6.1 before CF8, when a Page Navigation Component shows menu entries, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in the URI, related to parameters "not being encoded."