Cross-Site Scripting Vulnerability in IBM WebSphere Service Registry and Repository
CVE-2011-1357

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Service Registry And Repository
Vendor: CVE Published:; 11 August 2011

What is CVE-2011-1357?

A Cross-Site Scripting (XSS) vulnerability exists in agentDetect.jsp within the web UI of IBM WebSphere Service Registry and Repository. This security flaw allows remote attackers to inject arbitrary web scripts or HTML through the manipulation of the User-Agent HTTP header, posing a risk to user data and application integrity. The vulnerability affects multiple versions of the product, highlighting the importance of patching and maintaining secure web applications.

References

http://www.ibm.com/support/docview.wss?uid=swg1IV01657

vendor-advisoryx_refsource_AIXAPAR

https://exchange.xforce.ibmcloud.com/vulnerabilities/69040

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 11, 2011
Vulnerability Reserved
Mar 10, 2011