|
|
Family: CGI abuses : XSS --> Category: infos
WebSphere Cross Site Scripting Vulnerability Scan
Vulnerability Scan Summary
Determine if the remote host is vulnerable to Cross Site Scripting vulnerability
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server is itself prone to cross-site scripting attacks.
Description :
The remote web server seems to be vulnerable to cross-site scripting
vulnerabilities because it fails to sanitize input supplied as a
filename when displaying an error page.
The vulnerability would allow a possible hacker to make the server present the
user with the attacker's JavaScript/HTML code. Since the content is
presented by the server, the user will give it the trust level of the
server (for example, the trust level of banks, shopping centers, etc.
would usually be high).
Solution :
Upgrade to the latest version of WebSphere.
Threat Level:
Low / CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
