Cross-Site Scripting Vulnerability in IBM WebSphere eXtreme Scale
CVE-2015-2031

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Extreme Scale
Vendor: CVE Published:; 4 October 2015

Summary

A cross-site scripting vulnerability exists in IBM WebSphere eXtreme Scale versions 7.1.0 prior to 7.1.0.3 and 7.1.1 prior to 7.1.1.1. This vulnerability allows remote authenticated users to execute arbitrary web scripts or HTML by crafting a malicious URL. Exploitation of this vulnerability may lead to unauthorized actions performed on behalf of the victim or exposure of sensitive information.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21966044

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg1PI44105

vendor-advisoryx_refsource_AIXAPAR

http://www-01.ibm.com/support/docview.wss?uid=swg1PI44098

vendor-advisoryx_refsource_AIXAPAR

Timeline

Vulnerability published
Oct 4, 2015
Vulnerability Reserved
Feb 19, 2015