CVE-2013-0542
https://notcve.org/view.php?id=CVE-2013-0542
Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 allows remote attackers to inject arbitrary web script or HTML via crafted field values. Vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en la consola administrativa de IBM WebSphere Application Server (WAS) v6.1 antes de v6.1.0.47, 7.0 antes de 7.0.0.29, 8.0 antes de 8.0.0.6, y v8.5 antes de v8.5.0.2 permite a atacantes remotos inyectar arbitraria secuencias de comandos web o HTML a través de los valores de campo artesanales. • http://www-01.ibm.com/support/docview.wss?&uid=swg21632423 http://www-01.ibm.com/support/docview.wss?uid=swg1PM81846 https://exchange.xforce.ibmcloud.com/vulnerabilities/82697 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2013-0462
https://notcve.org/view.php?id=CVE-2013-0462
Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.1, 7.0 before 7.0.0.27, 8.0, and 8.5 has unknown impact and attack vectors. Vulnerabilidad no especificada en IBM WebSphere Application Server (WAS) v6,1, v7,0 antes de v7.0.0.27, v8.0, y v8.5 tiene un impacto desconocido y vectores de ataque. • http://www.ibm.com/connections/blogs/PSIRT/entry/security_vulnerabilities_fixed_in_ibm_websphere_application_server_7_0_0_2785 •
CVE-2013-0461
https://notcve.org/view.php?id=CVE-2013-0461
Cross-site scripting (XSS) vulnerability in the virtual member manager (VMM) administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.27, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Cross-site scripting (XSS) en el Virtual Member Manager (VMM) de la consola administrativa de IBM WebSphere Application Server (WAS) v6,1 antes de v6.1.0.47, v7.0.0.27 antes de v7,0, v8,0 antes de v8.0.0.6 y v8.5 antes de v8.5.0.2 que permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1PM71389 http://www.ibm.com/support/docview.wss?uid=swg21622444 https://exchange.xforce.ibmcloud.com/vulnerabilities/81015 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2013-0459
https://notcve.org/view.php?id=CVE-2013-0459
Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.27, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Cross-site scripting (XSS) en la consola administrativa de IBM WebSphere Application Server (WAS) v6,1 antes de v6.1.0.47, 7,0 antes de 7.0.0.27, 8,0 antes de 8.0.0.6 y 8.5 antes de 8.5.0.2 que permite a atacantes remotos inyectar web script o HTML arbitrario a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1PM72536 http://www.ibm.com/support/docview.wss?uid=swg21622444 https://exchange.xforce.ibmcloud.com/vulnerabilities/81013 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2013-0458
https://notcve.org/view.php?id=CVE-2013-0458
Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.27, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2, when login security is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de Cross-site scripting (XSS) en la consola administrativa de IBM WebSphere Application Server (WAS) v6.1 anterior a v6.1.0.47, v7.0 anterior a v7.0.0.27, v8.0 anterior a v8.0.0.6, y v8.5 anterior a v8.5.0.2, cuando la seguridad de inicio de sesión está desactivada, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1PM71139 http://www.ibm.com/support/docview.wss?uid=swg21622444 https://exchange.xforce.ibmcloud.com/vulnerabilities/81012 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •