Multiple cross-site scripting (XSS) vulnerabilities in the (1) Accelerator JSPs, (2) Organization Administration Console JSPs, and (3) Administration Console JSPs in WebSphere Commerce Tools in IBM WebSphere Commerce 5.6.1.0 up to and including 5.6.1.5, 6.0.0.0 up to and including 6.0.0.11, and 7.0.0.0 up to and including 7.0.0.7 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
ibm websphere commerce 7.0.0.3 |
||
ibm websphere commerce 7.0.0.4 |
||
ibm websphere commerce 6.0.0.3 |
||
ibm websphere commerce 6.0.0.4 |
||
ibm websphere commerce 5.6.1.1 |
||
ibm websphere commerce 5.6.1.2 |
||
ibm websphere commerce 5.6.1.3 |
||
ibm websphere commerce 7.0.0.1 |
||
ibm websphere commerce 7.0.0.2 |
||
ibm websphere commerce 6.0.0.10 |
||
ibm websphere commerce 6.0.0.2 |
||
ibm websphere commerce 6.0.0.9 |
||
ibm websphere commerce 5.6.1 |
||
ibm websphere commerce 7.0.0.7 |
||
ibm websphere commerce 7.0.0.5 |
||
ibm websphere commerce 7.0.0.6 |
||
ibm websphere commerce 6.0.0.5 |
||
ibm websphere commerce 6.0.0.6 |
||
ibm websphere commerce 5.6.1.4 |
||
ibm websphere commerce 5.6.1.5 |
||
ibm websphere commerce 6.0.0.11 |
||
ibm websphere commerce 7.0 |
||
ibm websphere commerce 6.0.0.0 |
||
ibm websphere commerce 6.0.0.1 |
||
ibm websphere commerce 6.0.0.7 |
||
ibm websphere commerce 6.0.0.8 |
Vulmon