CVSS: 3.5EPSS: 0%CPEs: 7EXPL: 0CVE-2014-6178
https://notcve.org/view.php?id=CVE-2014-6178
Cross-site scripting (XSS) vulnerability in the widgets in IBM WebSphere Service Registry and Repository (WSRR) 7.5.x before 7.5.0.4 and 8.0.x before 8.0.0.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad XSS en los widgets de IBM WebSphere Service Registry y Repository (WSRR) 7.5.x anterior a 7.5.0.4 y 8.0.x anterior a 8.0.0.3 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de vectores sin especificar. • http://www-01.ibm.com/support/docview.wss?uid=swg1IV51765 http://www.ibm.com/support/docview.wss?uid=swg21693384 http://www.ibm.com/support/docview.wss?uid=swg21693387 https://exchange.xforce.ibmcloud.com/vulnerabilities/98514 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 3.5EPSS: 0%CPEs: 16EXPL: 0CVE-2014-6188
https://notcve.org/view.php?id=CVE-2014-6188
Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere Service Registry and Repository (WSRR) 6.3.x before 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x before 7.5.0.3, and 8.0.x before 8.0.0.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades XSS en IBM WebSphere Service Registry y Repository (WSRR) 6.3.x anterior a 6.3.0.5, 7.0.x a través de 7.0.0.5, 7.5.x anterior a 7.5.0.3, y 8.0.x anterior a 8.0.0.2 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML a través de vectores sin especificar. • http://www-01.ibm.com/support/docview.wss?uid=swg1IV26727 http://www.ibm.com/support/docview.wss?uid=swg21693379 http://www.ibm.com/support/docview.wss?uid=swg21693381 http://www.ibm.com/support/docview.wss?uid=swg21693384 http://www.ibm.com/support/docview.wss? • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 3.5EPSS: 0%CPEs: 21EXPL: 0CVE-2014-6132
https://notcve.org/view.php?id=CVE-2014-6132
Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.3 through 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x through 7.5.0.4, 8.0.x before 8.0.0.3, and 8.5.x before 8.5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad XSS en IBM WebSphere Service Registry y Repository (WSRR) 6.3 a través de 6.3.0.5, 7.0.x a través de 7.0.0.5, 7.5.x a través de 7.5.0.4, 8.0.x anterior a 8.0.0.3, y 8.5.x anterior a 8.5.0.1 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de vectores sin especificar. • http://secunia.com/advisories/61805 http://www-01.ibm.com/support/docview.wss?uid=swg1IV64000 http://www.ibm.com/support/docview.wss?uid=swg21693379 http://www.ibm.com/support/docview.wss?uid=swg21693381 http://www.ibm.com/support/docview.wss?uid=swg21693384 http://www.ibm.com/support/docview.wss? • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 21EXPL: 0CVE-2014-3010
https://notcve.org/view.php?id=CVE-2014-3010
Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.2, 6.3 before 6.3.0.6, 7.0 before 7.0.0.6, 7.5 before 7.5.0.5, and 8.0 before 8.0.0.3 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Vulnerabilidad de XSS en la interfaz de usuario en IBM WebSphere Service Registry And Repository (WSRR) 6.2, 6.3 anterior a 6.3.0.6, 7.0 anterior a 7.0.0.6, 7.5 anterior a 7.5.0.5 y 8.0 anterior a 8.0.0.3 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de una URL manipulada. • http://secunia.com/advisories/58949 http://www-01.ibm.com/support/docview.wss?uid=swg1IV56254 http://www-01.ibm.com/support/docview.wss?uid=swg21672829 https://exchange.xforce.ibmcloud.com/vulnerabilities/92999 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 3.5EPSS: 0%CPEs: 7EXPL: 0CVE-2013-6721
https://notcve.org/view.php?id=CVE-2013-6721
Cross-site scripting (XSS) vulnerability in IBM WebSphere Service Registry and Repository (WSRR) 7.5.x before 7.5.0.4 and 8.x through 8.0.0.2 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving widgets. Vulnerabilidad XSS en IBM WebSphere Service Registry and Repository (WSRR) v7.5.x y anteriores v7.5.0.4 y 8.x hasta 8.0.0.2 permite a usuarios autenticados remotamente inyectar secuencias de comandos web o HTML arbitrarias a través de vectores que involucran widgets. • http://secunia.com/advisories/56130 http://www-01.ibm.com/support/docview.wss?uid=swg1IV51765 http://www-01.ibm.com/support/docview.wss?uid=swg21659623 http://www.securitytracker.com/id/1029498 https://exchange.xforce.ibmcloud.com/vulnerabilities/89230 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •