|
|
|||
| Rule General Information |
|---|
| Release Date: | 2021-03-26 | |
| Rule Name: | IBM WebSphere Application Server Cross Site Scripting Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | There is a cross site scripting vulnerability in IBM Web Application Server. The vulnerability is caused by a lack of validation of user provided input data. It may lead to attackers executing malicious scripts in the victim's browser, stealing user session tokens, personal information, or tampering with webpage content. | |
| Impact: | An attacker can conduct a cross-site scripting attack to inject malicious client-side scripts into web pages viewed by other users, or to bypass access controls such as the same-origin policy, if affected version is installed. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |