IZ76926: XSS VULNERABILITIES WITH WSRR

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as duplicate of another APAR.

Error description

  • For example:-
    
    /ServiceRegistry/HelpSearch.do?searchTerm=%22%3E%3Cscript%3Ealer
    t%28%22X
    SS%22%29%3C/script%3E%3C
    /ServiceRegistry/QueryWizardProcessStep1.do?queryConditionGroupT
    ype=AND&
    queryItems[0].value=%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3
    E&queryI
    tems[1].value=&queryItems[2].value=&queryItems[3].value=&queryIt
    ems[4].v
    alue=&wizard.button.setClassification=&wizard.button.next=Next
    

Local fix

  • Not applicable
    

Problem summary

Problem conclusion

Temporary fix

Comments

  • This APAR is a duplicate of IZ75984
    

APAR Information

  • APAR number

    IZ76926

  • Reported component name

    SERVICE REGISTR

  • Reported component ID

    5724N7200

  • Reported release

    630

  • Status

    CLOSED DUB

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2010-06-04

  • Closed date

    2010-08-05

  • Last modified date

    2010-08-05

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

Applicable component levels



Rate this page:

(0 users)Average rating

Document information


More support for:

WebSphere Service Registry and Repository

Software version:

6.3

Reference #:

IZ76926

Modified date:

2010-08-05

Translate my page

Machine Translation

Content navigation