Vulnerability Details CVE-2012-4851
Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server 8.5 Liberty Profile before 8.5.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.7%
CVSS Severity
CVSS v2 Score 4.3
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM68643
- http://www.ibm.com/support/docview.wss?uid=swg21614265
- http://www.securityfocus.com/bid/56423
- https://exchange.xforce.ibmcloud.com/vulnerabilities/79541
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM68643
- http://www.ibm.com/support/docview.wss?uid=swg21614265
- http://www.securityfocus.com/bid/56423
- https://exchange.xforce.ibmcloud.com/vulnerabilities/79541
Products affected by CVE-2012-4851
-
cpe:2.3:a:ibm:websphere_application_server:8.5.0.0