PT-2011-3090 · Ibm · Ibm Websphere Ilog Rule Team Server
Published
2011-10-28
·
Updated
2017-08-17
·
CVE-2011-1371
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
IBM WebSphere ILOG Rule Team Server version 7.1.1
Description
A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This occurs via vectors that trigger an Unknown Error document.
Recommendations
For IBM WebSphere ILOG Rule Team Server version 7.1.1, consider disabling access to the content/error.jsp page until a fix is available. Restrict input to prevent injection of malicious scripts or HTML.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Websphere Ilog Rule Team Server