1 results (0.003 seconds)
CVSS: 6.1EPSS: 1%CPEs: 42EXPL: 2
CVSS: 6.1EPSS: 1%CPEs: 42EXPL: 2CVE-2013-0499 – IBM WebSphere DataPower 3.8.2 / 4.0.x / 5.0 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2013-0499
23 May 2013 — Cross-site scripting (XSS) vulnerability in the echo functionality on IBM WebSphere DataPower SOA appliances with firmware 3.8.2, 4.0, 4.0.1, 4.0.2, and 5.0.0 allows remote attackers to inject arbitrary web script or HTML via a SOAP message, as demonstrated by the XML Firewall, Multi Protocol Gateway (MPGW), Web Service Proxy, and Web Token services. Una vulnerabilidad de tipo cross-site scripting (XSS) en la funcionalidad echo en dispositivos SOA WebSphere DataPower de IBM con la versión de firmware 3.8.2,... • http://seclists.org/bugtraq/2013/May/83 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •