Cross-Site Scripting Flaw in IBM Eclipse Help System Affecting Security AppScan and SPSS Developer Library
CVE-2012-2161

Currently unrated

Key Information:

Vendor: IBM
Status: Security Appscan Source
Vendor: CVE Published:; 20 June 2012

Summary

A cross-site scripting vulnerability exists in the deferredView.jsp file of IBM Eclipse Help System. This flaw allows remote attackers to inject arbitrary web scripts or HTML content through specially crafted URLs. This can lead to various security issues, including unauthorized actions on behalf of users, data theft, and exploitation of user sessions in applications utilizing the affected products.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/74833

vdb-entryx_refsource_XF

http://www.ibm.com/support/docview.wss?uid=swg21598423

x_refsource_CONFIRM

http://www.ibm.com/support/docview.wss?uid=swg21596690

x_refsource_CONFIRM

Timeline

Vulnerability published
Jun 20, 2012
Vulnerability Reserved
Apr 4, 2012