Description
Multiple cross-site scripting (XSS) vulnerabilities in index.php in IBM OpenAdmin Tool (OAT) before 2.72 for Informix allow remote attackers to inject arbitrary web script or HTML via the (1) informixserver, (2) host, or (3) port parameter in a login action.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Sumit Kumar Soni · textwebappsphp
https://www.exploit-db.com/exploits/36091
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/519468/100/0/threaded
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/49364
Exploit x_refsource_misc
http://voidroot.blogspot.com/2011/08/xss-in-ibm-open-admin-tool.html
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/8370
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/69488
Scores
EPSS
0.1052
EPSS Percentile
93.3%
Details
CWE
CWE-79
Status
published
Products (10)
ibm/openadmin_tool
2.20
ibm/openadmin_tool
2.21
ibm/openadmin_tool
2.22
ibm/openadmin_tool
2.23
ibm/openadmin_tool
2.24
ibm/openadmin_tool
2.25
ibm/openadmin_tool
2.26
ibm/openadmin_tool
2.27
ibm/openadmin_tool
2.28
ibm/openadmin_tool
< 2.70
Published
Sep 06, 2011
Tracked Since
Feb 18, 2026