CVE-2010-2636
IBM WebSphere Commerce <7.0.0.1 - XSS
Title source: llmDescription
Multiple cross-site scripting (XSS) vulnerabilities in sample store pages in IBM WebSphere Commerce 7.0 before 7.0.0.1 allow remote attackers to inject arbitrary web script or HTML via a crafted URL.
Scores
EPSS
0.0020
EPSS Percentile
42.1%
Classification
CWE
CWE-79
Status
published
Affected Products (2)
ibm/websphere_commerce
n/a/n/a
Timeline
Published
Nov 09, 2010
Tracked Since
Feb 18, 2026