Multiple cross-site scripting (XSS) vulnerabilities in content/internalError.jsp in IBM WebSphere ILOG JRules 6.7 allow remote attackers to inject arbitrary web script or HTML via an RTS URL to (1) explore/explore.jsp, (2) compose/compose.jsp, or (3) home.jsp in faces/.
References
Link | Resource |
---|---|
http://secunia.com/advisories/40275 | Vendor Advisory |
http://www-01.ibm.com/support/docview.wss?uid=swg1RS00133 | Vendor Advisory |
http://www.securityfocus.com/bid/41030 | Exploit |
https://exchange.xforce.ibmcloud.com/vulnerabilities/59609 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2010-06-23T19:00:00
Updated: 2017-08-16T14:57:01
Reserved: 2010-06-23T00:00:00
Link: CVE-2010-2433
JSON object: View
NVD Information
Status : Modified
Published: 2010-06-24T12:17:47.843
Modified: 2017-08-17T01:32:43.540
Link: CVE-2010-2433
JSON object: View
Redhat Information
No data.
CWE