CVE-2005-4413 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in sample scripts in IBM WebSphere Application Server 6 allow remote attackers to inject arbitrary web script or HTML via the (1) E-mail address field to (a) PlantsByWebSphere/login.jsp (2) message field to (b) TechnologySample/BulletinBoard Script (3) Email address field to (c) TechnologySamples/Subscription and the (4) Movie Name (5) Movie Reviewer and (6) Movie Review fields to (d) TechnologySamples/MovieReview2_1.

Reference

http://securitytracker.com/id?1015360 http://www.ipomonis.com/advisories/ibm_css.txt http://www.securityfocus.com/bid/15929