Vulnerabilities > IBM > WEB Experience Factory > 7.0

DATE CVE VULNERABILITY TITLE RISK
2012-01-03 CVE-2011-5048 Cross-Site Scripting vulnerability in IBM web Experience Factory 7.0/7.0.1
Multiple cross-site scripting (XSS) vulnerabilities in IBM Web Experience Factory (aka WEF, formerly WebSphere Portlet Factory) 7.0 and 7.0.1 allow remote attackers to inject arbitrary web script or HTML via a (1) text INPUT element or (2) TEXTAREA element, related to an interaction between Smart Refresh and Dojo.
network
ibm CWE-79
4.3
4.3