Cross-site Scripting Vulnerability in IBM WebSphere Service Registry and Repository
CVE-2014-6178

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Service Registry And Repository
Vendor: CVE Published:; 24 December 2014

What is CVE-2014-6178?

A cross-site scripting vulnerability exists in the widgets of IBM WebSphere Service Registry and Repository, allowing remote authenticated users to execute arbitrary web scripts or inject HTML. This flaw opens up potential avenues for attackers to manipulate user sessions or phishing attempts, particularly affecting the integrity of the web application.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1IV51765

vendor-advisoryx_refsource_AIXAPAR

http://www.ibm.com/support/docview.wss?uid=swg21693384

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/98514

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 24, 2014
Vulnerability Reserved
Sep 2, 2014