Soluciones para vulnerabilidades

La exploración de vulnerabilidades periódica de WatchMouse busca la vulnerabilidad siguiente. Para ver las soluciones añadidas más recientemente que WatchMouse explora, visite Soluciones para vulnerabilidades.

IBM Rational ClearQuest Multiple XSS Flaws
Categoría: CGI abuses : XSS	Factor de riesgo: Medium	Añadido: 2 jul 2009
Synopsis: The remote web server is affected by multiple flaws. Description: IBM Rational ClearQuest CQWeb Server is installed on the remote host. The installed version is affected by multiple cross-site scripting flaws. Specifically, the application fails to sanitize input passed to parameter 'contextid', 'schema', 'userNameVal' and 'username' before using it to generate dynamic HTML content. An unauthenticated remote attacker may be able to leverage this issue to inject arbitrary HTML or script code into a user's browser to be executed within the security context of the affected site. See also: http://www.securityfocus.com/archive/1/archive/1/489861/100/0/threaded Solution: Apply patch 2003.06.16 Patch 2008A, 7.0.0.2_iFix01, or 7.0.1.1_iFix01. Risk factor: Medium / CVSS Base Score : 4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)


	exploraciones de últimos 7 días