5 matches found
EUVD-2017-10516
Malware in sbrugna...
IBM Worklight / MobileFirst Cross Site Scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 a3/4 Reflected Cross-Site Scripting in IBM Worklight OAuth Server Web Api a1/2 ======== a3/4 Table of Contents a1/2 ========================================= 0. Overview 1. Detailed Description 2. Proof Of Concept 3. Solution 4. Disclosure Timeline ...
Cross site scripting
A Reflected Cross Site Scripting XSS vulnerability exists in the authorization function exposed by RESTful Web Api of IBM Worklight Framework 6.1, 6.2, 6.3, 7.0, 7.1, and 8.0. The vulnerable parameter is "scope"; if you set as its value a "realm" not defined in authenticationConfig.xml, you get a...
CVE-2017-1500
A Reflected Cross Site Scripting XSS vulnerability exists in the authorization function exposed by RESTful Web Api of IBM Worklight Framework 6.1, 6.2, 6.3, 7.0, 7.1, and 8.0. The vulnerable parameter is "scope"; if you set as its value a "realm" not defined in authenticationConfig.xml, you get a...
CVE-2017-1500
A Reflected Cross Site Scripting XSS vulnerability exists in the authorization function exposed by RESTful Web Api of IBM Worklight Framework 6.1, 6.2, 6.3, 7.0, 7.1, and 8.0. The vulnerable parameter is "scope"; if you set as its value a "realm" not defined in authenticationConfig.xml, you get a...