WebSphere 6.1 跨站脚本漏洞 CVE-2007-5798 CNNVD-200711-032

4.3 AV AC AU C I A
发布: 2007-11-03
修订: 2017-07-29

## 漏洞信息: WebSphere 是 IBM 的软件平台。它包含了编写、运行和监视全天候的工业强度的随需应变 Web 应用程序和跨平台、跨产品解决方案所需要的整个中间件基础设施,如服务器、服务和工具。WebSphere 提供了可靠、灵活和健壮的软件。 IBM WebSphere Application Server (WAS)的UDDI用户控制台的uddigui/navigateTree.do中存在多个跨站脚本攻击漏洞。 远程攻击者可以借助(1) keyField, (2) nameField, (3) valueField, 和 (4) frameReturn参数,注入任意web脚本或HTML。 ## 漏洞影响: IBM Websphere Application Server 6.1 .9 IBM Websphere Application Server 6.1 .8 IBM Websphere Application Server 6.1 .7 IBM Websphere Application Server 6.1 .6 IBM Websphere Application Server 6.1 .5 IBM Websphere Application Server 6.1 .4 IBM Websphere Application Server 6.1 .3 IBM Websphere Application Server 6.1 .2 IBM Websphere Application Server 6.1 .12 IBM Websphere Application Server 6.1 .11 IBM Websphere Application Server 6.1 .1 IBM Websphere Application Server 6.1 IBM Websphere Application Server 6.0.2 .9 IBM Websphere Application Server 6.0.2 .7 IBM Websphere Application Server 6.0.2 .5 IBM Websphere Application Server 6.0.2 .3 IBM Websphere Application Server...

0%
暂无可用Exp或PoC
当前有1条受影响产品信息