PT-2008-2335 · Ibm · Ibm Websphere Edge Server Caching Proxy

Published

2008-02-12

Updated

2011-03-08

CVE-2008-0717

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions IBM WebSphere Edge Server Caching Proxy (CP) versions 5.1 through 6.1

Description A cross-site scripting (XSS) issue exists when CGI mapping rules are enabled, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger injection into an error response.

Recommendations For versions 5.1 through 6.1, consider disabling CGI mapping rules as a temporary workaround until a patch is available. Restrict access to error responses to minimize the risk of exploitation.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2008-0717

Affected Products

Ibm Websphere Edge Server Caching Proxy

PT-2008-2335 · Ibm · Ibm Websphere Edge Server Caching Proxy

CVE-2008-0717

Weakness Enumeration

Related Identifiers

Affected Products

References · 6