CVE-2011-1308
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2011-1308
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the Installation Verification Test (IVT) application in the Install component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
IBM WebSphere Application Server Install组件IVT应用程序跨站脚本攻击漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
IBM WebSphere Application Server(WAS)是美国IBM公司开发并发行的一款应用服务器产品,它是Java EE和Web服务应用程序的平台,也是IBM WebSphere软件平台的基础。 IBM WebSphere Application Server (WAS) 7.0.0.15之前版本中的Install组件中的Installation Verification Test(IVT)应用程序中存在跨站脚本攻击漏洞。远程攻击者可以借助未明向量注入任意web脚本或者HTML。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2011-1308
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2011-1308
Please Login to view more intelligence information
- http://www-01.ibm.com/support/docview.wss?uid=swg27014463x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2011-1308
Same Patch Batch · n/a · 2011-03-08 · 19 CVEs total
| CVE-2011-1314 | IBM WebSphere Application Server SIB messaging引擎拒绝服务漏洞 | |
| CVE-2011-1322 | IBM WebSphere Application Server Web Services组件SOAP内存破坏漏洞 | |
| CVE-2011-1321 | IBM WebSphere Application Server Security组件AuthCache清除实现权限提升漏洞 | |
| CVE-2011-1320 | IBM WebSphere Application Server Security组件服务器访问漏洞 | |
| CVE-2011-1319 | IBM WebSphere Application Server Security组件拒绝服务漏洞 | |
| CVE-2011-1318 | IBM WebSphere Application Server JSP组件内存泄露漏洞 | |
| CVE-2011-1317 | IBM WebSphere Application Server JSP组件内存泄露漏洞 | |
| CVE-2011-1316 | IBM WebSphere Application Server HTTP Transport组件SIP Proxy拒绝服务漏洞 | |
| CVE-2011-1315 | IBM WebSphere Application Server messaging引擎内存泄露漏洞 | |
| CVE-2011-0344 | Alcatel-Lucent OmniPCX Enterprise未明CGI程序多个栈缓冲区溢出漏洞 | |
| CVE-2011-1313 | IBM WebSphere Application Server双重释放漏洞 | |
| CVE-2011-1312 | IBM WebSphere Application Server Administrative Console组件访问限制绕过漏洞 | |
| CVE-2011-1311 | IBM WebSphere Application Server Security组件权限提升漏洞 | |
| CVE-2011-1310 | IBM WebSphere Application Server Administrative Scripting Tools组件敏感信息泄露漏洞 | |
| CVE-2011-1309 | IBM WebSphere Application Server Plug-in组件安全绕过漏洞 | |
| CVE-2011-1307 | IBM WebSphere Application Server安装程序本地临时日志文件访问漏洞 | |
| CVE-2011-1306 | Google Chrome OS Scratchpad应用程序未明漏洞 | |
| CVE-2011-0345 | Alcatel-Lucent OmniVista 4760 Network Management System 'lang'目录遍历漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8196
JeecgBoot mLogin Endpoint LoginController.java authorization - CVE-2026-8195
JeecgBoot SVG File CommonController.java cross site scriptin - CVE-2026-8194
osTicket Dispatcher class.dispatcher.php cross-site request - CVE-2026-8193
Akaunting Invoice PDF Rendering dompdf.php server-side reque - CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out-
V. Comments for CVE-2011-1308
No comments yet