Vulnerability Details CVE-2010-2433
Multiple cross-site scripting (XSS) vulnerabilities in content/internalError.jsp in IBM WebSphere ILOG JRules 6.7 allow remote attackers to inject arbitrary web script or HTML via an RTS URL to (1) explore/explore.jsp, (2) compose/compose.jsp, or (3) home.jsp in faces/.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.0%
CVSS Severity
CVSS v2 Score 4.3
References
- http://secunia.com/advisories/40275
- http://www-01.ibm.com/support/docview.wss?uid=swg1RS00133
- http://www.securityfocus.com/bid/41030
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59609
- http://secunia.com/advisories/40275
- http://www-01.ibm.com/support/docview.wss?uid=swg1RS00133
- http://www.securityfocus.com/bid/41030
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59609
Products affected by CVE-2010-2433
-
cpe:2.3:a:ibm:websphere_ilog_jrules:6.7