Multiple cross-site scripting (XSS) vulnerabilities in IBM Web Experience Factory (aka WEF, formerly WebSphere Portlet Factory) 7.0 and 7.0.1 allow remote malicious users to inject arbitrary web script or HTML via a (1) text INPUT element or (2) TEXTAREA element, related to an interaction between Smart Refresh and Dojo.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm web experience factory 7.0 |
||
ibm web experience factory 7.0.1 |