Vulnerabilities > IBM > WEB Experience Factory > 7.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-01-03 | CVE-2011-5048 | Cross-Site Scripting vulnerability in IBM web Experience Factory 7.0/7.0.1 Multiple cross-site scripting (XSS) vulnerabilities in IBM Web Experience Factory (aka WEF, formerly WebSphere Portlet Factory) 7.0 and 7.0.1 allow remote attackers to inject arbitrary web script or HTML via a (1) text INPUT element or (2) TEXTAREA element, related to an interaction between Smart Refresh and Dojo. | 4.3 |