2 matches found
IBM WebSphere Application Server跨站脚本执行和安全限制绕过漏洞
BUGTRAQ ID: 51559 CVE ID: CVE-2011-5065 IBM WebSphere Application Server WAS是由IBM遵照开放标准开发并发行的一种应用服务器。 IBM WebSphere Application Server WAS Web Services Feature Pack 6.1.0.41之前版本中存在XSS漏洞,可允许远程攻击者注入任意Web脚本或HTML脚本。 0 IBM Websphere Application Server 6.1.x 厂商补丁: IBM --- IBM已经为此发布了一个安全公告(72336)以及相应补丁:...
CVE-2011-1377
The Web Services Security component in the Web Services Feature Pack before 6.1.0.41 for IBM WebSphere Application Server WAS 6.1 does not properly handle the enabling of WS-Security for a JAX-WS application, which has unspecified impact and attack vectors...