Cross-Site Scripting Vulnerability in IBM Rational AppScan Enterprise
CVE-2012-0737

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Appscan
Vendor: CVE Published:; 3 May 2012

What is CVE-2012-0737?

A cross-site scripting (XSS) vulnerability exists in IBM Rational AppScan Enterprise 5.x and 8.x prior to version 8.5.0.1. This security flaw allows remote authenticated users to inject arbitrary web scripts or HTML into the application through unspecified vectors, potentially compromising the integrity of user sessions and allowing for unauthorized actions within the web application.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/74560

vdb-entryx_refsource_XF

http://secunia.com/advisories/48967

third-party-advisoryx_refsource_SECUNIA

http://www.ibm.com/support/docview.wss?uid=swg21592188

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 3, 2012
Vulnerability Reserved
Jan 17, 2012