Soluciones para vulnerabilidades

La exploración de vulnerabilidades periódica de Nimsoft Cloud Monitor busca la vulnerabilidad siguiente. Para ver las soluciones añadidas más recientemente que Nimsoft Cloud Monitor explora, visite Soluciones para vulnerabilidades.

IBM Multiple Products login.php Query String XSS
Categoría: CGI abuses : XSS	Factor de riesgo: Medium	Añadido: 16 mar 2010
Synopsis: A web application on the remote host has a cross-site scripting vulnerability. Description: The version of IBM WebSphere Portal / IBM Lotus Web Content Management running on the remote host has a cross-site scripting vulnerability. The query string passed to login.php is not properly sanitized. A remote attacker could exploit this by tricking a user into requesting a maliciously crafted URL, resulting in the execution of arbitrary script code. See also: http://www.hacktics.com/content/advisories/AdvIBM20100224.html http://archives.neohapsis.com/archives/bugtraq/2010-02/0226.html http://www-01.ibm.com/support/docview.wss?uid=swg21421469 Solution: Apply the relevant fix referenced in the IBM advisory. Risk factor: Medium / CVSS Base Score : 4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)


	exploraciones de últimos 7 días