Intrusion Prevention

IBM.WebSphere.AS.console.URI.XSS

Description

This indicates an attack attempt to exploit a Cross Site Scripting vulnerability in IBM WebSphere Application Server.
The vulnerability is a result of the application's failure to sanitize inputs from users. It may allow a remote attacker to execute arbitrary script code within the context of the application.

Affected Products

IBM WebSphere Application Server 6.1.0 and earlier versions.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://www-01.ibm.com/support/docview.wss?uid=swg1PK81212

CVE References

CVE-2009-0855 CVE-2009-0856