Cross-Site Scripting Vulnerabilities in IBM WebSphere ILOG JRules
CVE-2010-2433

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Ilog Jrules
Vendor: CVE Published:; 24 June 2010

Summary

Multiple cross-site scripting vulnerabilities exist in content/internalError.jsp of IBM WebSphere ILOG JRules 6.7, enabling remote attackers to inject arbitrary web scripts or HTML. This can occur through improper handling of RTS URLs, affecting key pages like explore/explore.jsp, compose/compose.jsp, and home.jsp. Exploitation of these vulnerabilities can lead to unauthorized actions being executed in the context of the affected user.

References

http://www.securityfocus.com/bid/41030

vdb-entryx_refsource_BID

http://www-01.ibm.com/support/docview.wss?uid=swg1RS00133

vendor-advisoryx_refsource_AIXAPAR

https://exchange.xforce.ibmcloud.com/vulnerabilities/59609

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jun 24, 2010
Vulnerability Reserved
Jun 23, 2010