Cross-Site Scripting Vulnerability in IBM WebSphere Service Registry and Repository
CVE-2014-3010

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Service Registry And Repository
Vendor: CVE Published:; 30 May 2014

What is CVE-2014-3010?

A cross-site scripting vulnerability exists in the Web UI of IBM WebSphere Service Registry and Repository, allowing remote attackers to inject arbitrary web scripts or HTML through specially crafted URLs. This flaw impacts specific versions of the product, creating a significant security concern for users who may be exposed to malicious web interactions.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1IV56254

vendor-advisoryx_refsource_AIXAPAR

http://secunia.com/advisories/58949

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/92999

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 30, 2014
Vulnerability Reserved
Apr 29, 2014