XSS in Ibm Web_content_manager

CVE-2011-2754

Cross-site scripting (XSS) vulnerability in the PageBuilder2 (aka Page Builder) theme in IBM WebSphere Portal 7.x before 7.0.0.1 CF006, as used in IBM Web Content Manager (WCM) and other products, allows remote attackers to inject arbitrar…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.002 (46.7th percentile) — read the EPSS interpretation.

Affected products

Ibm Web_content_manager
Ibm Websphere_portal — versions 7.0.0.0, 7.0.0.1
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

45106 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM)