CVE-2008-0717

Cross-site scripting (XSS) vulnerability in Caching Proxy (CP) 5.1 through 6.1 in IBM WebSphere Edge Server, when CGI mapping rules are enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger injection into an error response.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 48%
VendorProductVersion
ibmwebsphere_edge_server
5.1
ibmwebsphere_edge_server
5.1.1
ibmwebsphere_edge_server
6.0
ibmwebsphere_edge_server
6.0.1
ibmwebsphere_edge_server
6.0.2
ibmwebsphere_edge_server
6.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/28785
http://www-1.ibm.com/support/docview.wss?uid=swg21294776
http://www.securityfocus.com/bid/27665
http://www.securitytracker.com/id?1019315
http://www.vupen.com/english/advisories/2008/0446
http://secunia.com/advisories/28785
http://www-1.ibm.com/support/docview.wss?uid=swg21294776
http://www.securityfocus.com/bid/27665
http://www.securitytracker.com/id?1019315
http://www.vupen.com/english/advisories/2008/0446