Cross-site scripting (XSS) vulnerability in the Web console in IBM InfoSphere Information Server 8.1 before FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.27%
Published
2009-12-09
Updated
2017-08-17
Cross-site scripting (XSS) vulnerability in the Collaboration component in IBM WebSphere Portal 6.1.x before 6.1.0.3 allows remote attackers to inject arbitrary web script or HTML via the people picker tag.
Max CVSS
4.3
EPSS Score
0.16%
Published
2009-12-02
Updated
2011-01-06
Multiple cross-site scripting (XSS) vulnerabilities in the JSF Widget Library Runtime in IBM Rational Application Developer for WebSphere Software before 7.0.0.10 and Rational Software Architect before 7.0.0.10 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) the JSF Tree Control and (2) the JavaScript Resource Servlet.
Max CVSS
4.3
EPSS Score
0.29%
Published
2009-11-23
Updated
2017-08-17
Multiple cross-site scripting (XSS) vulnerabilities in Activities pages in the Mobile subsystem in IBM Lotus Connections 2.5.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.13%
Published
2009-10-28
Updated
2009-10-28
Cross-site scripting (XSS) vulnerability in the help pages in IBM Rational AppScan Enterprise Edition 5.5.0.2 allows remote attackers to inject arbitrary web script or HTML via the query string.
Max CVSS
4.3
EPSS Score
0.23%
Published
2009-10-22
Updated
2017-08-17
Multiple cross-site scripting (XSS) vulnerabilities in the ReqWeb Help feature (aka the Web Client Help system) in IBM Rational RequisitePro 7.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the operation parameter to ReqWebHelp/advanced/workingSet.jsp, or the (2) searchWord, (3) maxHits, (4) scopedSearch, or (5) scope parameter to ReqWebHelp/basic/searchView.jsp.
Max CVSS
4.3
EPSS Score
0.40%
Published
2009-10-20
Updated
2009-10-27
Multiple cross-site scripting (XSS) vulnerabilities in the Visualization Engine (VE) in IBM Tivoli Composite Application Manager for WebSphere (ITCAM) 6.1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.18%
Published
2009-10-01
Updated
2009-10-01
Cross-site scripting (XSS) vulnerability in profiles/html/simpleSearch.do in IBM Lotus Connections 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the name parameter.
Max CVSS
4.3
EPSS Score
3.15%
Published
2009-09-29
Updated
2017-08-17
Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Quickr 8.1.0 services for WebSphere Portal allow remote attackers to inject arbitrary web script or HTML via the filename of a .odt file in a Lotus Quickr place, related to the Library template.
Max CVSS
4.3
EPSS Score
0.29%
Published
2009-09-29
Updated
2017-08-17
Cross-site scripting (XSS) vulnerability in the Self Service UI (SSUI) in IBM Tivoli Identity Manager (ITIM) 5.0.0.5 allows remote authenticated users to inject arbitrary web script or HTML via the last name field in a profile.
Max CVSS
3.5
EPSS Score
0.07%
Published
2009-09-18
Updated
2009-09-21
Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 211.241 for Domino 8.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR EZEL7UURYC.
Max CVSS
4.3
EPSS Score
0.25%
Published
2009-09-08
Updated
2017-08-17
Cross-site scripting (XSS) vulnerability in Eclipse Help in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.27 allows remote attackers to inject arbitrary web script or HTML via unspecified input.
Max CVSS
4.3
EPSS Score
0.19%
Published
2009-09-21
Updated
2017-08-17
Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Identity Manager (ITIM) 5.0 allow remote attackers to inject arbitrary web script or HTML by entering an unspecified URL in (1) the self-service UI interface or (2) the console interface. NOTE: it was later reported that 4.6.0 is also affected by the first vector.
Max CVSS
4.3
EPSS Score
0.32%
Published
2009-07-05
Updated
2009-08-05
Cross-site scripting (XSS) vulnerability in the CQWeb server in IBM Rational ClearQuest 7.0.0 before 7.0.0.6 and 7.0.1 before 7.0.1.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.13%
Published
2009-06-25
Updated
2009-07-02
Cross-site scripting (XSS) vulnerability in login/FilepathLogin.html in IBM Tivoli Continuous Data Protection (CDP) for Files 3.1.4.0 allows remote attackers to inject arbitrary web script or HTML via the reason parameter.
Max CVSS
4.3
EPSS Score
0.43%
Published
2009-04-17
Updated
2017-08-17
Multiple cross-site scripting (XSS) vulnerabilities in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allow remote attackers to inject arbitrary web script or HTML via (1) the username in a login action or (2) the PATH parameter to private/file_management.ssi in the File manager.
Max CVSS
4.3
EPSS Score
0.24%
Published
2009-04-13
Updated
2018-10-10
Multiple cross-site scripting (XSS) vulnerabilities in sample applications in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35, and 6.1 before 6.1.0.23 on z/OS, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
1.66%
Published
2009-03-09
Updated
2009-06-05
Cross-site scripting (XSS) vulnerability in the administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.23 on z/OS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
49.90%
Published
2009-03-09
Updated
2022-12-02
Cross-site scripting (XSS) vulnerability in IBM Workplace for Business Controls and Reporting 2.x and IBM Workplace Web Content Management 6.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information.
Max CVSS
4.3
EPSS Score
0.19%
Published
2009-02-10
Updated
2009-08-08
19 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!