CVE-2010-2433 – IBM Websphere ILOG JRules 6.7 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2010-2433
Multiple cross-site scripting (XSS) vulnerabilities in content/internalError.jsp in IBM WebSphere ILOG JRules 6.7 allow remote attackers to inject arbitrary web script or HTML via an RTS URL to (1) explore/explore.jsp, (2) compose/compose.jsp, or (3) home.jsp in faces/. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados ( XSS) en content/internalError.jsp en IBM WebSphere ILOG JRules v6.7 permite a atacantes remotos inyectar código web o HTML de su elección a través de una URL RTS en (1) explore/explore.jsp, (2) compose/compose.jsp, o (3) home.jsp en faces/. • https://www.exploit-db.com/exploits/34179 http://secunia.com/advisories/40275 http://www-01.ibm.com/support/docview.wss?uid=swg1RS00133 http://www.securityfocus.com/bid/41030 https://exchange.xforce.ibmcloud.com/vulnerabilities/59609 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •