CVE-2011-1034

Cross-site scripting (XSS) vulnerability in the UI in IBM Rational Build Forge 7.0.2 allows remote attackers to inject arbitrary web script or HTML via the mod parameter to the fullcontrol program. NOTE: some of these details are obtained from third party information.

Published: Feb 16, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-1034
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
ibm / rational_build_forge	7.0.2	7.0.2.x

http://secunia.com/advisories/43180
http://securitytracker.com/id?1025019
http://www.ibm.com/support/docview.wss?uid=swg1PM05187
http://www.osvdb.org/70763
http://www.securityfocus.com/bid/46125
http://www.vupen.com/english/advisories/2011/0276

Vulnerability Database

CVE-2011-1034