Vulnerability Solutions

The Nimsoft Cloud Monitor Periodic Vulnerability Scan checks for the vulnerability below. To see solutions for the most recently added vulnerabilities scanned by WatchMouse, go to the Vulnerability Solutions overview.

Category: CGI abuses : XSS
Risk factor: Medium
Added: 16 Mar 2010
Synopsis:

A web application on the remote host has a cross-site scripting vulnerability.

Description:

The version of IBM WebSphere Portal / IBM Lotus Web Content Management running on the remote host has a cross-site scripting vulnerability. The query string passed to login.php is not properly sanitized.

A remote attacker could exploit this by tricking a user into requesting a maliciously crafted URL, resulting in the execution of arbitrary script code.

See also:

http://www.hacktics.com/content/advisories/AdvIBM20100224.html
http://archives.neohapsis.com/archives/bugtraq/2010-02/0226.html
http://www-01.ibm.com/support/docview.wss?uid=swg21421469

Solution:

Apply the relevant fix referenced in the IBM advisory.

Risk factor:

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)