CVE-2011-1362 Information

Description

Cross-site scripting (XSS) vulnerability in the Installation Verification Test (IVT) application in the Install component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.41 and 7.0 before 7.0.0.19 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1308.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg1PM40733 http://www-01.ibm.com/support/docview.wss?uid=swg1PM65992 http://www-01.ibm.com/support/docview.wss?uid=swg27007951 https://exchange.xforce.ibmcloud.com/vulnerabilities/69731