CVSS: 4.3EPSS: 0%CPEs: 50EXPL: 0CVE-2013-0458
https://notcve.org/view.php?id=CVE-2013-0458
Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.27, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2, when login security is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de Cross-site scripting (XSS) en la consola administrativa de IBM WebSphere Application Server (WAS) v6.1 anterior a v6.1.0.47, v7.0 anterior a v7.0.0.27, v8.0 anterior a v8.0.0.6, y v8.5 anterior a v8.5.0.2, cuando la seguridad de inicio de sesión está desactivada, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1PM71139 http://www.ibm.com/support/docview.wss?uid=swg21622444 https://exchange.xforce.ibmcloud.com/vulnerabilities/81012 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •