CVE-2010-0768: XSS
First published: Thu Apr 01 2010(Updated: )
Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.9 allows remote attackers to inject arbitrary web script or HTML via the URI.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM WebSphere Application Server Feature Pack for Web Services | =6.0.2.1 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.0.2.5 | |
| IBM WebSphere Application Server Feature Pack for Web Services | <=6.0.2.39 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.0.2.13 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.0.2.9 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.0.2.11 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.0.2.35 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.0.2 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.0.2.21 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.0.2.15 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.0.2.17 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.0.2.29 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.0.2.23 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.0.2.7 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.0.2.33 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.0.2.27 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.0.2.3 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.0.2.19 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.0.2.25 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.0.2.37 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.0.2.31 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.21 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.19 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.2 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.25 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.11 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.9 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.1 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.27 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.7 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.3 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.17 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.13 | |
| IBM WebSphere Application Server Feature Pack for Web Services | <=6.1.0.29 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.15 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.23 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.5 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =7.0.0.5 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =7.0 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =7.0.0.7 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =7.0.0.3 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =7.0.0.1 | |
| <=6.0.2.39 | ||
| =6.0.2 | ||
| =6.0.2.1 | ||
| =6.0.2.3 | ||
| =6.0.2.5 | ||
| =6.0.2.7 | ||
| =6.0.2.9 | ||
| =6.0.2.11 | ||
| =6.0.2.13 | ||
| =6.0.2.15 | ||
| =6.0.2.17 | ||
| =6.0.2.19 | ||
| =6.0.2.21 | ||
| =6.0.2.23 | ||
| =6.0.2.25 | ||
| =6.0.2.27 | ||
| =6.0.2.29 | ||
| =6.0.2.31 | ||
| =6.0.2.33 | ||
| =6.0.2.35 | ||
| =6.0.2.37 | ||
| <=6.1.0.29 | ||
| =6.1.0 | ||
| =6.1.0.1 | ||
| =6.1.0.2 | ||
| =6.1.0.3 | ||
| =6.1.0.5 | ||
| =6.1.0.7 | ||
| =6.1.0.9 | ||
| =6.1.0.11 | ||
| =6.1.0.13 | ||
| =6.1.0.15 | ||
| =6.1.0.17 | ||
| =6.1.0.19 | ||
| =6.1.0.21 | ||
| =6.1.0.23 | ||
| =6.1.0.25 | ||
| =6.1.0.27 | ||
| =7.0 | ||
| =7.0.0.1 | ||
| =7.0.0.3 | ||
| =7.0.0.5 | ||
| =7.0.0.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2010-0768?
CVE-2010-0768 is classified as a medium severity cross-site scripting (XSS) vulnerability that can allow remote attackers to inject web scripts or HTML.
How do I fix CVE-2010-0768?
To fix CVE-2010-0768, it is recommended to upgrade your IBM WebSphere Application Server to version 6.0.2.41, 6.1.0.31, or 7.0.0.9 or later.
Which IBM WebSphere Application Server versions are affected by CVE-2010-0768?
The affected versions of IBM WebSphere Application Server include 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.9.
What types of attacks can CVE-2010-0768 facilitate?
CVE-2010-0768 can facilitate cross-site scripting attacks, allowing attackers to execute arbitrary scripts in the context of a user's session.
Is CVE-2010-0768 easy to exploit?
CVE-2010-0768 is considered relatively easy to exploit by attackers with knowledge of injecting scripts through manipulated URIs.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/description
- agent/first-publish-date
- agent/weakness
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/source
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/ibm
- canonical/ibm websphere application server feature pack for web services
- version/ibm websphere application server feature pack for web services/6.0.2.1
- version/ibm websphere application server feature pack for web services/6.0.2.5
- version/ibm websphere application server feature pack for web services/6.0.2.39
- version/ibm websphere application server feature pack for web services/6.0.2.13
- version/ibm websphere application server feature pack for web services/6.0.2.9
- version/ibm websphere application server feature pack for web services/6.0.2.11
- version/ibm websphere application server feature pack for web services/6.0.2.35
- version/ibm websphere application server feature pack for web services/6.0.2
- version/ibm websphere application server feature pack for web services/6.0.2.21
- version/ibm websphere application server feature pack for web services/6.0.2.15
- version/ibm websphere application server feature pack for web services/6.0.2.17
- version/ibm websphere application server feature pack for web services/6.0.2.29
- version/ibm websphere application server feature pack for web services/6.0.2.23
- version/ibm websphere application server feature pack for web services/6.0.2.7
- version/ibm websphere application server feature pack for web services/6.0.2.33
- version/ibm websphere application server feature pack for web services/6.0.2.27
- version/ibm websphere application server feature pack for web services/6.0.2.3
- version/ibm websphere application server feature pack for web services/6.0.2.19
- version/ibm websphere application server feature pack for web services/6.0.2.25
- version/ibm websphere application server feature pack for web services/6.0.2.37
- version/ibm websphere application server feature pack for web services/6.0.2.31
- version/ibm websphere application server feature pack for web services/6.1.0.21
- version/ibm websphere application server feature pack for web services/6.1.0.19
- version/ibm websphere application server feature pack for web services/6.1.0.2
- version/ibm websphere application server feature pack for web services/6.1.0.25
- version/ibm websphere application server feature pack for web services/6.1.0.11
- version/ibm websphere application server feature pack for web services/6.1.0.9
- version/ibm websphere application server feature pack for web services/6.1.0.1
- version/ibm websphere application server feature pack for web services/6.1.0.27
- version/ibm websphere application server feature pack for web services/6.1.0.7
- version/ibm websphere application server feature pack for web services/6.1.0.3
- version/ibm websphere application server feature pack for web services/6.1.0.17
- version/ibm websphere application server feature pack for web services/6.1.0.13
- version/ibm websphere application server feature pack for web services/6.1.0.29
- version/ibm websphere application server feature pack for web services/6.1.0.15
- version/ibm websphere application server feature pack for web services/6.1.0.23
- version/ibm websphere application server feature pack for web services/6.1.0
- version/ibm websphere application server feature pack for web services/6.1.0.5
- version/ibm websphere application server feature pack for web services/7.0.0.5
- version/ibm websphere application server feature pack for web services/7.0
- version/ibm websphere application server feature pack for web services/7.0.0.7
- version/ibm websphere application server feature pack for web services/7.0.0.3
- version/ibm websphere application server feature pack for web services/7.0.0.1