62 matches found
CVE-2009-2742
IBM WebSphere Application Server 6.1 before 6.1.0.27 is affected by a cross-site scripting (XSS) vulnerability in the Eclipse Help component. The root cause is insufficient validation of input in Eclipse Help, allowing remote attackers to inject arbitrary script/HTML via unspecified input. Affect...
IBM WebSphere Application Server Eclipse Help跨站脚本漏洞
Bugraq ID: 36455 CVE ID:CVE-2009-2742 IBM WebSphere Application Server是一款商业性质的WEB应用服务程序。 IBM WebSphere Application Server包含的Eclipse Help组件不正确验证用户提供的输入,远程攻击者可以利用漏洞使用特殊构建的URL,诱使用户点击,可在目标用户浏览器上执行任意脚本代码。 目前没有详细漏洞细节提供。 IBM Websphere Application Server 6.1 25 IBM Websphere Application Server 6.1 23 IBM...