CVE-2009-4052

Multiple cross-site scripting (XSS) vulnerabilities in the JSF Widget Library Runtime in IBM Rational Application Developer for WebSphere Software before 7.0.0.10 and Rational Software Architect before 7.0.0.10 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) the JSF Tree Control and (2) the JavaScript Resource Servlet.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
VendorProductVersion
ibmrational_application_developer_for_websphere
7.0
ibmrational_application_developer_for_websphere
7.0.0.1
ibmrational_application_developer_for_websphere
7.0.0.2
ibmrational_application_developer_for_websphere
7.0.0.3
ibmrational_application_developer_for_websphere
7.0.0.4
ibmrational_application_developer_for_websphere
7.0.0.5
ibmrational_application_developer_for_websphere
7.0.0.6
ibmrational_application_developer_for_websphere
7.0.0.7
ibmrational_application_developer_for_websphere
7.0.0.8
ibmrational_application_developer_for_websphere
7.0.0.9
ibmrational_software_architect
7.0.0.0
ibmrational_software_architect
7.0.0.1
ibmrational_software_architect
7.0.0.2
ibmrational_software_architect
7.0.0.3
ibmrational_software_architect
7.0.0.4
ibmrational_software_architect
7.0.0.5
ibmrational_software_architect
7.0.0.6
ibmrational_software_architect
7.0.0.7
ibmrational_software_architect
7.0.0.8
ibmrational_software_architect
7.0.0.9
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/37442
http://www-01.ibm.com/support/docview.wss?uid=swg1PK90616
http://www-01.ibm.com/support/docview.wss?uid=swg1PK94324
http://www-01.ibm.com/support/docview.wss?uid=swg27012378
http://www-01.ibm.com/support/docview.wss?uid=swg27012558
http://www.osvdb.org/60319
http://www.securityfocus.com/bid/37083
https://exchange.xforce.ibmcloud.com/vulnerabilities/54360
http://secunia.com/advisories/37442
http://www-01.ibm.com/support/docview.wss?uid=swg1PK90616
http://www-01.ibm.com/support/docview.wss?uid=swg1PK94324
http://www-01.ibm.com/support/docview.wss?uid=swg27012378
http://www-01.ibm.com/support/docview.wss?uid=swg27012558
http://www.osvdb.org/60319
http://www.securityfocus.com/bid/37083
https://exchange.xforce.ibmcloud.com/vulnerabilities/54360