Top Banner

Vulnerability in IBM Web sphereApplication Server

Severity Rating: HIGH

Software Affected

IBM Web Sphere Application Server Liberty
IBM Web Sphere Application Server 9.0
IBM Web Sphere Application Server 8.5
IBM Web Sphere Application Server 8.0
IBM Web Sphere Application Server 7.0

Overview

A cross-site Vulnerability exist in IBM Web sphere Application Server which could be exploited by a remote attacker to cross-site scripting attacks on the system.

Description

The vulnerability exist in the CacheMonitor for Web sphere Application Server and allows users to embed arbitrary JavaScript code in the Web UI. A remote attacker could exploit this vulnerability by using user authentication cookies from users browser and access data recently submitted by the target user via web form to the site. This may allow the remote attacker to take actions on the site acting as the target user.

Successful exploitation of this vulnerability could allow the attacker to obtain sensitive information on the target system and take action s on the site acting as the target user.

More News