CVE-2009-2742
Published Sep 21, 2009
Last updated 7 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in Eclipse Help in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.27 allows remote attackers to inject arbitrary web script or HTML via unspecified input.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B9CDD56-921C-4FAF-87E2-14B91EC1A93D"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5FC6EB31-9707-408B-8BF5-66BD23441A75"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B73E052-AF4F-4543-AA03-F5B1FA976EA8"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "23171B81-C991-467A-95A4-EDDAC59C37BC"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2586C584-3258-414B-AB28-1EBA0DBD0B83"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BCA175EA-EDC6-4228-8E28-E9BBC981E60A"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C6A4EC9D-98C2-40B0-BA40-4838FE8D1FF7"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7AF5BB33-4E78-4123-8093-EBEE2F2B5598"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A45B6F32-5DFF-4833-9F0F-89576724CF97"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "13CA9A59-DFE4-4566-8719-E6FA4720F06A"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A89DD1BF-4AB0-480D-9856-B1BEA73A4AAD"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "49E119EF-B6A5-4B6C-B199-C64F62CA7CB2"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C9C8FA3D-9162-4D9B-8250-FAC93ED77A2D"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.23:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E06DE5D4-D3A5-4783-ACE0-A80808DB09C9"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.25:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ABBABA44-D18E-4329-9C2B-90828DAD468B"
}
],
"operator": "OR"
}
]
}
]