CVE-2012-2161

IBM Security Appscan Source - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in deferredView.jsp in IBM Eclipse Help System (IEHS), as used in IBM Security AppScan Source 7.x and 8.x before 8.6 and IBM SPSS Data Collection Developer Library 6.0 and 6.0.1, allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

References (3)

[Vendor Advisory] http://www.ibm.com/support/docview.wss?uid=swg21596690

[Vendor Advisory] http://www.ibm.com/support/docview.wss?uid=swg21598423

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/74833

Scores

EPSS 0.0029

EPSS Percentile 52.0%

Classification

CWE

CWE-79

Status published

Affected Products (9)

ibm/security_appscan_source

ibm/spss_data_collection

n/a/n/a

Timeline

Published Jun 20, 2012

Tracked Since Feb 18, 2026