IBM WebSphere Application Server ‘Liberty Profile’ Cross Site Scripting Vulnerability


WebSphere Application Server is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input.


The original article can be found at:


Vulnerable Systems:
 * IBM WebSphere Application Server

WebSphere Application Server V8.5 Liberty Profile could allow a cross-site scripting attack, caused by improper validation of the URI. A remote attacker could exploit this vulnerability using a specially-crafted URL to inject script in a victim’s Web browser withing the security context of the hosting Web site.

CVE Information:

Disclosure Timeline:
Published: November 06 2012

Categories: News