CVE-2010-0714
IBM WebSphere Portal 5.1.0.0-5.1.0.5, 6.0.0.0-6.0.1.7, 6.1.0.0-6.1.5.0 XSS via login.jsp
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2010-0714. PoCs published by Oren Hafif.
AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in IBM Lotus Web Content Management, WebSphere Portal, and Lotus Quickr by injecting malicious scripts via unsanitized input in the login.jsp URL parameter.
Description
Cross-site scripting (XSS) vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to inject arbitrary web script or HTML via the query string.
Exploits (1)
This exploit demonstrates a cross-site scripting (XSS) vulnerability in IBM Lotus Web Content Management, WebSphere Portal, and Lotus Quickr by injecting malicious scripts via unsanitized input in the login.jsp URL parameter.