| Description: | | A cross-site scripting vulnerability exists in IBM WebSphere Application Server (WAS). The flaw is due to lack of validation of the user supplied input data. The flaw may be exploited by malicious users to execute arbitrary HTML and script code on target user's web browser, within the context of a trusted web site. An attack targeting this vulnerability can result in the injection and execution of script code. If code execution is successful, the behaviour of the target will depend on the intention of the attacker. Unsuccessful attack attempts could either be unnoticed by the target user, or cause incorrect rendering of the affected web pages. |