IBM WebSphere Application Server CVE-2018-1798 Cross Site Scripting Vulnerability
BID:105945
CVE-2018-1798 |Info
IBM WebSphere Application Server CVE-2018-1798 Cross Site Scripting Vulnerability
| Bugtraq ID: | 105945 |
| Class: | Input Validation Error |
| CVE: |
CVE-2018-1798 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 08 2018 12:00AM |
| Updated: | Nov 08 2018 12:00AM |
| Credit: | Benoit Côté-Jodoin from GoSecure |
| Vulnerable: |
IBM Websphere Application Server 9.0 IBM Websphere Application Server 8.5 IBM Websphere Application Server 8.0 IBM Websphere Application Server 7 |
| Not Vulnerable: |
IBM Websphere Application Server 9.0.0.10 IBM Websphere Application Server 8.5.5.15 IBM Websphere Application Server 8.0.0.15 |
Exploit / POC
IBM WebSphere Application Server CVE-2018-1798 Cross Site Scripting Vulnerability
To exploit this issue an attacker must entice an unsuspecting victim to open a malicious URI.
To exploit this issue an attacker must entice an unsuspecting victim to open a malicious URI.
References
IBM WebSphere Application Server CVE-2018-1798 Cross Site Scripting Vulnerability
References:
References: