Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the echo functionality on IBM WebSphere DataPower SOA appliances with firmware 3.8.2, 4.0, 4.0.1, 4.0.2, and 5.0.0 allows remote attackers to inject arbitrary web script or HTML via a SOAP message, as demonstrated by the XML Firewall, Multi Protocol Gateway (MPGW), Web Service Proxy, and Web Token services.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM WebSphere DataPower SOA Appliances 跨站脚本漏洞
Vulnerability Description
IBM WebSphere DataPower SOA Appliances是美国IBM公司的一套网络设备。该设备主要用于简化、保护和加速SOA中的XML和Web服务部署。 IBM WebSphere DataPower SOA应用程序固件的3.8.2版本,4.0版本,4.0.1版本,4.0.2及5.0.0版本的echo功能中存在跨站脚本漏洞。远程攻击者可通过SOAP消息(如XML防火墙,多协议网关MPGW,Web服务代理和Web令牌服务)利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A