Vulnerability Solutions
 |
added scans last 7 days |
| The Nimsoft Cloud Monitor Periodic Vulnerability Scan checks for the vulnerability below. To see the most recently added vulnerability solutions that are scanned by WatchMouse, go to the Vulnerability Solutions overview |
| Category: CGI abuses : XSS | Risk factor: Medium | Added: 2 Jul 2009 |
| Synopsis: The remote web server is affected by multiple flaws. Description: IBM Rational ClearQuest CQWeb Server is installed on the remote host. The installed version is affected by multiple cross-site scripting flaws. Specifically, the application fails to sanitize input passed to parameter 'contextid', 'schema', 'userNameVal' and 'username' before using it to generate dynamic HTML content. An unauthenticated remote attacker may be able to leverage this issue to inject arbitrary HTML or script code into a user's browser to be executed within the security context of the affected site. See also: http://www.securityfocus.com/archive/1/archive/1/489861/100/0/threaded Solution: Apply patch 2003.06.16 Patch 2008A, 7.0.0.2_iFix01, or 7.0.1.1_iFix01. Risk factor: Medium / CVSS Base Score : 4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N) |
||
