IBM WebSphere Application Server Administrative Console HTML Injection Vulnerability

Bugtraq ID:	37015
Class:	Input Validation Error
CVE:	CVE-2009-2748
Remote:	Yes
Local:	No
Published:	Nov 13 2009 12:00AM
Updated:	Dec 16 2009 05:54PM
Credit:	IBM
Vulnerable:	IBM Websphere Application Server 7.0 3 IBM Websphere Application Server 6.1 .9 IBM Websphere Application Server 6.1 .9 IBM Websphere Application Server 6.1 .8 IBM Websphere Application Server 6.1 .7 IBM Websphere Application Server 6.1 .6 IBM Websphere Application Server 6.1 .5 IBM Websphere Application Server 6.1 .4 IBM Websphere Application Server 6.1 .3 IBM Websphere Application Server 6.1 .25 IBM Websphere Application Server 6.1 .23 IBM Websphere Application Server 6.1 .22 IBM Websphere Application Server 6.1 .21 IBM Websphere Application Server 6.1 .20 IBM Websphere Application Server 6.1 .2 IBM Websphere Application Server 6.1 .2 IBM Websphere Application Server 6.1 .19 IBM Websphere Application Server 6.1 .18 IBM Websphere Application Server 6.1 .17 IBM Websphere Application Server 6.1 .15 IBM Websphere Application Server 6.1 .14 IBM Websphere Application Server 6.1 .13 IBM Websphere Application Server 6.1 .12 IBM Websphere Application Server 6.1 .11 IBM Websphere Application Server 6.1 .10 IBM Websphere Application Server 6.1 .1 IBM Websphere Application Server 6.1 IBM Websphere Application Server 7.0.0.5 IBM Websphere Application Server 7.0.0.1 IBM Websphere Application Server 7.0 IBM Websphere Application Server 6.1.0.27

Not Vulnerable:	IBM Websphere Application Server 7.0.0.7 IBM Websphere Application Server 6.1.0.29