CVE-2013-0466
published 2013-02-20CVE-2013-0466: Cross-site scripting (XSS) vulnerability in IBM WebSphere Message Broker 7.0 before 7.0.0.6 and 8.0 before 8.0.0.2, when wsdl support is enabled on a SOAPInput…
low2.6CVSS 3.1
AVNACHAuNCNIPAN
Cross-site scripting (XSS) vulnerability in IBM WebSphere Message Broker 7.0 before 7.0.0.6 and 8.0 before 8.0.0.2, when wsdl support is enabled on a SOAPInput node, allows remote attackers to inject arbitrary web script or HTML via a wsdl request that is not properly handled during construction of an error message.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | websphere_message_broker | — | — |
| ibm | websphere_message_broker | — | — |
| ibm | websphere_message_broker | — | — |
| ibm | websphere_message_broker | — | — |
| ibm | websphere_message_broker | — | — |
| ibm | websphere_message_broker | — | — |
| ibm | websphere_message_broker | — | — |
| ibm | websphere_message_broker | — | — |