No description provided by source.
source: http://www.securityfocus.com/bid/9488/info IBM Net.Data is prone to cross-site scripting attacks via error message output. This may permit a remote attack to create a link to a system hosting the software that includes embedded HTML and script code. This hostile code may be rendered in the web browser of a user who follows the malicious link. Exploitation could permit theft of cookie-based authentication credentials or other attacks. http://www.example.com/cgi-bin/db2www/<script>alert(document.domain)</script>/A