Lucene search
RootSSV:61160HistoryDec 17, 2013 - 12:00 a.m.
IBM WebSphere Service Registry和Repository HTML注入漏洞
2013-12-1700:00:00
Root
www.seebug.org
6
0.001 Low
EPSS
Percentile
40.0%
Bugtraq ID:64301
CVE ID:CVE-2013-6721
IBM WebSphere Service Registry and Repository是一款使用户能够发布、查找、扩充、管理和治理SOA中服务的工具。
相关WSRR工具的输入在使用之前缺少正确过滤,允许远程攻击者利用漏洞注入恶意脚本或HTML代码,当恶意数据被查看时可获取敏感信息或者劫持用户会话。
0
IBM WebSphere Service Registry and Repository 7.5
IBM WebSphere Service Registry and Repository 7.5.0.1
IBM WebSphere Service Registry and Repository 7.5.0.2
IBM WebSphere Service Registry and Repository 7.5.0.3
IBM WebSphere Service Registry and Repository 8.0
IBM WebSphere Service Registry and Repository 8.0.0.1
IBM WebSphere Service Registry and Repository 8.0.0.2
厂商补丁:
IBM
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Related
prion
prion
Cross site scripting
2013-12-17 15:21:00
nessus
nessus
nvd
nvd
CVE-2013-6721
2013-12-17 15:21:28
cve
cve
CVE-2013-6721
2013-12-17 15:21:28
cvelist
cvelist
CVE-2013-6721
2013-12-17 11:00:00