XSS in 3com Intelligent_management_center
CVE-2010-2103
Cross-site scripting (XSS) vulnerability in axis2-admin/axis2-admin/engagingglobally in the administration console in Apache Axis2/Java 1.4.1, 1.5.1, and possibly other versions, as used in SAP Business Objects 12, 3com IMC, and possibly o…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.269 (96.5th percentile) — read the EPSS interpretation.
Affected products
- 3com Intelligent_management_center
- Apache Axis2 — versions 1.5.1, 1.4.1
- Sap Business_objects — versions 12
- N/a — versions n/a
Weakness classification (CWE)
References
- axis2-modules-xss(58790) (vdb-entry, x_refsource_XF)
- 39906 (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- 12689 (Exploit, exploit, x_refsource_EXPLOIT-DB)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (Exploit, x_refsource_MISC)
- cve@mitre.org (x_refsource_MISC)
- ADV-2010-1215 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
- 40327 (Exploit, vdb-entry, x_refsource_BID)
- 20100521 PR10-03: Authenticated Cross-Site Scripting (XSS) within the Apache Axis2 administration console (mailing-list, x_refsource_BUGTRAQ)
- 64844 (x_refsource_OSVDB, Exploit, vdb-entry)