Vulnerability CVE-2006-2431

Vulnerability CVE-2006-2431

Published: 2006-05-17 Modified: 2012-02-12

Description:

	Topic	Author	Date
Med.	IBM Websphere Application Server Multiple Vulnerabilities	SnoB	19.05.2006

Type:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.3/10	2.9/10	8.6/10

Affected software
IBM -> Websphere application server

http://archives.neohapsis.com/archives/bugtraq/2006-05/0175.html

http://securityreason.com/securityalert/910

http://securitytracker.com/id?1017170

http://www-1.ibm.com/support/docview.wss?rs=0&dc=DB550&q1=PK16492&uid=swg1PK22416&loc=en_US&cs=utf-8&lang

http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012064

http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012163

http://www-1.ibm.com/support/search.wss?rs=0&q=PK16602&apar=only

http://www-1.ibm.com/support/search.wss?rs=0&q=PK26181&apar=only

http://www.attrition.org/pipermail/vim/2006-November/001112.html

http://www.niscc.gov.uk/niscc/docs/re-20061031-00727.pdf?lang=en

http://www.securityfocus.com/archive/1/450704/100/0/threaded

http://www.securityfocus.com/bid/21018

http://www.vupen.com/english/advisories/2006/1736

https://exchange.xforce.ibmcloud.com/vulnerabilities/30055