CVE Vulnerabilities

CVE-2001-0824

Published: Dec 06, 2001 | Modified: Sep 10, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 allows remote attackers to execute Javascript by inserting the Javascript into (1) a request for a .JSP file, or (2) a request to the webapp/examples/ directory, which inserts the Javascript into an error page.

Affected Software

Name Vendor Start Version End Version
Websphere_application_server Ibm 3.5 3.5
Websphere_application_server Ibm 3.0.2 3.0.2

References