CVE-2010-2433 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in content/internalError.jsp in IBM WebSphere ILOG JRules 6.7 allow remote attackers to inject arbitrary web script or HTML via an RTS URL to (1) explore/explore.jsp (2) compose/compose.jsp or (3) home.jsp in faces/.

Reference

http://secunia.com/advisories/40275 http://www.securityfocus.com/bid/41030 http://www-01.ibm.com/support/docview.wss?uid=swg1RS00133 https://exchange.xforce.ibmcloud.com/vulnerabilities/59609