CVE-2011-2754

IBM Web Content Manager - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in the PageBuilder2 (aka Page Builder) theme in IBM WebSphere Portal 7.x before 7.0.0.1 CF006, as used in IBM Web Content Manager (WCM) and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References (2)

[Vendor Advisory] http://secunia.com/advisories/45106

[Various Sources] http://www.ibm.com/support/docview.wss?uid=swg21503959

Scores

EPSS 0.0024

EPSS Percentile 46.2%

Classification

CWE

CWE-79

Status published

Affected Products (8)

ibm/web_content_manager

ibm/websphere_portal

n/a/n/a

Timeline

Published Jul 17, 2011

Tracked Since Feb 18, 2026