{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-02-24T00:00:00", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to inject arbitrary web script or HTML via the query string."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html"}, {"name": "ibm-login-xss(56508)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56508"}, {"name": "1023660", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1023660"}, {"name": "20100225 Hacktics Advisory Feb10: XSS in IBM WebSphere Portal & Lotus WCM", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/509744/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469"}, {"name": "PM03233", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PM03233"}, {"name": "38412", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/38412"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-0714", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to inject arbitrary web script or HTML via the query string."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html", "refsource": "MISC", "url": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html"}, {"name": "ibm-login-xss(56508)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56508"}, {"name": "1023660", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1023660"}, {"name": "20100225 Hacktics Advisory Feb10: XSS in IBM WebSphere Portal & Lotus WCM", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/509744/100/0/threaded"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469"}, {"name": "PM03233", "refsource": "AIXAPAR", "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PM03233"}, {"name": "38412", "refsource": "BID", "url": "http://www.securityfocus.com/bid/38412"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:59:38.582Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html"}, {"name": "ibm-login-xss(56508)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56508"}, {"name": "1023660", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1023660"}, {"name": "20100225 Hacktics Advisory Feb10: XSS in IBM WebSphere Portal & Lotus WCM", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/509744/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469"}, {"name": "PM03233", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PM03233"}, {"name": "38412", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/38412"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-0714", "datePublished": "2010-02-26T19:00:00", "dateReserved": "2010-02-26T00:00:00", "dateUpdated": "2024-08-07T00:59:38.582Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "0B4DF048-224A-43DB-A796-44EAF9CD8838", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "FA05BB8A-C367-4A09-87A4-C9D9C46AE52B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "23785ACE-3F00-430E-B9ED-940A70A3201C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0F885AD0-1134-483C-9A69-98AC0D60E79B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "2AF22D6E-7B21-4657-89ED-A7EF20BFF81F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "13570CD6-7D5F-4665-A982-9E83FA25C68C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "6C753E1B-D81B-4995-877E-58EDD6F49DDB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5D54D4DB-FA55-47AE-9E19-FB8368FD40C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "3FEB7016-D077-402A-99C7-E6F6290F1D0C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "C064D03F-D49C-4A2F-A23D-3ADC18EC277A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "6FDA430B-8996-43D4-BDBD-07A5C9EDB339", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "092F8012-A1EE-46CE-B2B2-0604BF4ACBBA", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9FC6A48A-E669-4AA0-AD83-85778A7B6C67", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "8F8C5AD9-2086-4131-A03C-02A89D822080", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "82FC2F98-1E99-4B50-88D5-7A2904F4585C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "9B7F74AC-2B5E-4B6C-9551-576A4F312BBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "FC51FA38-1C63-47F5-A4CF-1128396B62C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "EBCCA8DE-50EF-4154-AF48-A8E1AA2659B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "AF550E47-49FB-4EBC-83E7-4CFCB7279FEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E618064A-3D05-4DC6-9A47-0EDF2427642F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3DE74154-3E79-4D56-96C4-D8E644F1419D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "FA915826-5D89-43E9-83E7-88973648302A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "C5DB29F4-59AB-439C-91C4-CDF677676C26", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "3F1964FC-672F-4139-938F-A8EF9D86D9C2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "9516473F-0533-4326-B880-6B6FD591473D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "773AC6CD-7DDE-4676-8647-26C3B83354DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "A502A57D-97DE-424E-B005-B086C1149959", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "F8505A74-332E-4980-ABA2-BEE7E3D7B654", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "F49CBF7A-9C04-4960-B7B8-6F5C51785C56", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "F535D576-9AC7-4047-8AC3-9F1B5A961DB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "EA0D9DBB-AA57-4816-8EC6-F7479B5481E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "87844DD4-AF06-4A91-973A-F885AD8CA569", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "EC572C9B-BEBE-4619-9B34-73FD8C20F4B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "66BC65C9-BF3E-41C0-ABD7-5587999FDA4D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "CD2F018F-3356-45B1-AF0B-8E17023A04E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "FC532381-C1D3-4FE3-9E32-614B91482255", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "8153B9AE-9969-4D49-8B07-9817E0C37194", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "709CE95C-FCC3-4A8B-9A47-8114BDFEAD7A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "F55351DA-AEAC-40FC-B0B0-9CC1D456F651", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "F1E67047-A652-4828-BCE9-AB6C369B459F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "9B9A2F08-F9E6-4DC4-AFFD-77B6787FA81F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "9A727B34-8433-4571-AE1B-4F43320F57A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "AC18431F-8C85-4C3A-85B9-ADA860F6C0D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "108210EB-FFEF-4D69-A78D-85DA08913766", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D993AD7F-81FC-4C82-9303-699B44ECC92E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "07EE7410-8A88-468A-B773-89D8A93859E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "EF9A7C87-0DCE-4309-B344-AC106B6ECBD9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D6141F9D-42F4-47D2-B340-356F174AA4AE", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "4E8D8302-74CD-436A-92BD-C08F1254A2C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "673674BD-D171-47AF-8169-FBF6346993E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "959CF397-FAC9-488D-96E5-9839EDA77494", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "CA0A5D8C-6C5C-4666-BDC0-8451D1C9FCB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "CF4257D6-58F8-4209-BF67-9124D1BA0B6E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "46AF30E4-3301-401B-94E5-D7FA9E62B82F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E986062-BBA8-4AA0-AD41-E101FEFD49EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "250DFAAA-67A9-4E64-B1AE-0966EAC05468", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "FA75DD49-E267-4306-84D8-4C3A548841A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "53E20727-E021-442A-B7CB-AB1DFEA21374", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5434B4A9-1433-469B-8352-D0FDDD033E2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "9EA803C8-EDAC-467E-B8CE-A60612AE86F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "812047C9-6477-455E-8739-4407336102F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "10A39AB5-4BDB-4027-9F50-91BBFDAE8E0C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "20E03B68-715F-428D-84FD-F800D02DDB3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "0CE191CE-C2F4-45F7-8CF3-565832E01AB9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "49CC6237-2E8C-415A-9C09-C8FD3F4C1E57", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "22D7C604-2F9B-4AA0-BEE0-379D2C65321F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "AAA1888C-A7F9-4019-8798-524EE7EB8A7B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "33D2422E-141A-414E-B283-E7BF570FFA80", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "18C5D9B6-F013-46B7-AE06-609A0B11A8C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "30E0AA87-E48E-46C3-B8DD-3C3A90322AD0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "6CA17FC6-DAE6-4FAC-B3CD-1269689314CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "E3CBEF3F-EB64-42D1-B23A-D3A20F900971", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "980401D7-AAF3-4AE4-9006-83D99170F5DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "B3CA670F-E987-44ED-8A2A-62CCA5D037F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "83B3B388-0438-4806-9F21-2170428739DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "2D3C43CE-8917-4109-A185-93699004638F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "344E13DD-DAFC-4394-8371-B032D117D6AE", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to inject arbitrary web script or HTML via the query string."}, {"lang": "es", "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), y IBM Lotus Workplace Web Content Management v5.1.0.0 hasta v5.1.0.5, v6.0.0.0 hasta v6.0.0.4, v6.0.1.0 hasta v6.0.1.7, v6.1.0.0 hasta v6.1.0.3, y v6.1.5.0; y IBM Lotus Quickr services v8.0, v8.0.0.2, v8.1, v8.1.1, y v8.1.1.1 para WebSphere Portal; permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del cadena \"query\"."}], "id": "CVE-2010-0714", "lastModified": "2024-11-21T01:12:48.503", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-02-26T19:30:00.743", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469"}, {"source": "cve@mitre.org", "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PM03233"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/509744/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/38412"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1023660"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56508"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PM03233"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/509744/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/38412"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1023660"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56508"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}