XSS in Ibm Http_server

CVE-2011-1360

Multiple cross-site scripting (XSS) vulnerabilities in IBM HTTP Server 2.0.47 and earlier, as used in WebSphere Application Server and other products, allow remote attackers to inject arbitrary web script or HTML via vectors involving unsp…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.002 (37.7th percentile) — read the EPSS interpretation.

Affected products

Ibm Http_server — versions 1.0, 1.3.6.3, 1.3.12
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

50447 (vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_CONFIRM)
PM41293 (vendor-advisory, x_refsource_AIXAPAR)
was-http-doc-xss(69656) (vdb-entry, x_refsource_XF)