QwikSec

Security Database

CVE

CWE

Training

CVE-2008-5043

Published: Nov 12, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in the web-based interface in IBM Metrica Service Assurance Framework allow remote authenticated users to inject arbitrary web script or HTML via (1) the elementid parameter in a generatedreportresults action to the ReportTree program, (2) the jnlpname parameter to the Launch program, or (3) the :tasklabel parameter to the ReportRequest program, related to the name of a report.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20081108 Metrica Service Assurance Multiple Cross Site Scripting

mailing-list

x_refsource_BUGTRAQ

metricaservice-reporttree-launch-xss(46495)

vdb-entry

x_refsource_XF

20081108 Metrica Service Assurance Multiple Cross Site Scripting

mailing-list

x_refsource_FULLDISC

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SREASON

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.