CVE-2011-1371
https://notcve.org/view.php?id=CVE-2011-1371
Cross-site scripting (XSS) vulnerability in content/error.jsp in IBM WebSphere ILOG Rule Team Server 7.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors that trigger an Unknown Error document, a different vulnerability than CVE-2011-4171. Vulnerabilidad en Cross-site scripting (XSS) en el contenido/error.jsp en IBM WebSphere ILOG Rule Team Server v7.1.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores que provocan un documento de error desconocido, una vulnerabilidad diferente a CVE-2011-4171. • http://www.ibm.com/support/docview.wss?uid=swg1RS00810 https://exchange.xforce.ibmcloud.com/vulnerabilities/71005 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2011-4171
https://notcve.org/view.php?id=CVE-2011-4171
Cross-site scripting (XSS) vulnerability in content/error.jsp in IBM WebSphere ILOG Rule Team Server 7.1.1 allows remote attackers to inject arbitrary web script or HTML via the project parameter to teamserver/faces/home.jsp. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS)en content/error.jsp en IBM WebSphere ILOG Rule Team Server v7.1.1 permite a atacantes remotos inyectar código script web o HTML de su elección a través del parámetro project en teamserver/faces/home.jsp. • http://secunia.com/advisories/46350 http://securitytracker.com/id?1026170 http://www.ibm.com/support/docview.wss?uid=swg1RS00803 http://www.osvdb.org/76238 http://www.securityfocus.com/bid/50056 https://exchange.xforce.ibmcloud.com/vulnerabilities/70461 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •