Cross-Site Scripting Vulnerability in IBM Rational Build Forge 7.0.2
CVE-2011-1034

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Build Forge
Vendor: CVE Published:; 16 February 2011

Summary

The Cross-site scripting vulnerability in IBM Rational Build Forge 7.0.2 enables remote attackers to inject arbitrary web scripts or HTML into the application. This occurs via the mod parameter in the fullcontrol program, which could allow the attacker to execute malicious scripts in the context of a user's session. Preventing this vulnerability requires strict input validation and encoding of output to mitigate risks associated with web application attacks.

References

http://secunia.com/advisories/43180

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2011/0276

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/46125

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Feb 16, 2011