Cross site scripting

2014-12-2411:59:00

PRIOn knowledge base

www.prio-n.com

5.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.6%

JSON

Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Service Registry and Repository (WSRR) 7.0.x before 7.0.0.5 and 7.5.x before 7.5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via the HTTP User-Agent header.

CPENameOperatorVersion
websphere_service_registry_and_repositoryeq7.0.0.1
websphere_service_registry_and_repositoryeq7.5.0.0
websphere_service_registry_and_repositoryeq7.0.0.4
websphere_service_registry_and_repositoryeq7.0.0.3
websphere_service_registry_and_repositoryeq7.0.0
websphere_service_registry_and_repositoryeq7.0.0.2

Name	Operator	Version
websphere_service_registry_and_repository	eq	7.0.0.1
websphere_service_registry_and_repository	eq	7.5.0.0
websphere_service_registry_and_repository	eq	7.0.0.4
websphere_service_registry_and_repository	eq	7.0.0.3
websphere_service_registry_and_repository	eq	7.0.0
websphere_service_registry_and_repository	eq	7.0.0.2