CVE-2011-3390

Name of the Vulnerable Software and Affected Versions IBM OpenAdmin Tool (OAT) for Informix versions prior to 2.72

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via specific parameters in a login action, including the informixserver, host, or port parameters.

Recommendations For versions prior to 2.72, update to version 2.72 or later to resolve the issue. As a temporary workaround, consider restricting access to the login action in index.php to minimize the risk of exploitation. Avoid using the informixserver, host, or port parameters in the login action until the issue is resolved.