{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-06-13T00:00:00", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in deferredView.jsp in IBM Eclipse Help System (IEHS), as used in IBM Security AppScan Source 7.x and 8.x before 8.6 and IBM SPSS Data Collection Developer Library 6.0 and 6.0.1, allows remote attackers to inject arbitrary web script or HTML via a crafted URL."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"name": "iehs-multiple-xss(74833)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74833"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21598423"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21596690"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "ID": "CVE-2012-2161", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in deferredView.jsp in IBM Eclipse Help System (IEHS), as used in IBM Security AppScan Source 7.x and 8.x before 8.6 and IBM SPSS Data Collection Developer Library 6.0 and 6.0.1, allows remote attackers to inject arbitrary web script or HTML via a crafted URL."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "iehs-multiple-xss(74833)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74833"}, {"name": "http://www.ibm.com/support/docview.wss?uid=swg21598423", "refsource": "CONFIRM", "url": "http://www.ibm.com/support/docview.wss?uid=swg21598423"}, {"name": "http://www.ibm.com/support/docview.wss?uid=swg21596690", "refsource": "CONFIRM", "url": "http://www.ibm.com/support/docview.wss?uid=swg21596690"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:26:08.424Z"}, "title": "CVE Program Container", "references": [{"name": "iehs-multiple-xss(74833)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74833"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21598423"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21596690"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2012-2161", "datePublished": "2012-06-20T10:00:00", "dateReserved": "2012-04-04T00:00:00", "dateUpdated": "2024-08-06T19:26:08.424Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:security_appscan_source:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E2A8F522-B785-4C9D-B133-D895B8A5D0E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:security_appscan_source:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C3EC310D-7C7F-4B5A-AFFC-58A38B67A0CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:security_appscan_source:8.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "66B37DEF-109F-4769-901C-DD8B33DEA054", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:security_appscan_source:8.0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "3FA1883D-1576-43B9-904A-536C0C249112", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:security_appscan_source:8.5:*:*:*:*:*:*:*", "matchCriteriaId": "6990B7A5-3C72-494B-A512-23E508B71CE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:security_appscan_source:8.5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "FBE84BDC-3AC4-4BD2-9BF8-3C6C5E1DCF56", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:spss_data_collection:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "ED735680-3700-4744-857C-EA2F005D89E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:spss_data_collection:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "673496DB-11BB-4FEB-9772-175F5D45859F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in deferredView.jsp in IBM Eclipse Help System (IEHS), as used in IBM Security AppScan Source 7.x and 8.x before 8.6 and IBM SPSS Data Collection Developer Library 6.0 and 6.0.1, allows remote attackers to inject arbitrary web script or HTML via a crafted URL."}, {"lang": "es", "value": "Una vulnerabilidad de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en deferredView.jsp in IBM Eclipse Help System (IEHS), tal como se utiliza en IBM Security AppScan Fuente v7.x y v8.x anterior a v8,6 y PASW Data Collection Developer Library v6.0 y v6.0.1, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de un URL malicioso."}], "id": "CVE-2012-2161", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2012-06-20T10:27:28.223", "references": [{"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21596690"}, {"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21598423"}, {"source": "psirt@us.ibm.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74833"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21596690"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21598423"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74833"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}