WebSphere UDDI Console Multiple Vulnerabilities
Medium Nessus Network Monitor Plugin ID 4273
SynopsisThe remote host is vulnerable to multiple attack vectors.
DescriptionThe remote WebSphere server is running on the remote host.
This version is reported vulnerable to a number of flaws in its UDDI Console. The flaws stem from the application's inability to parse user-supplied input to the 'uddigui/navigateTree.do' Java program. Successful exploitation would require that the attacker be able to convince a user to browse a malicious URI. Successful exploitation would result in the attacker executing script code within the client browser.
SolutionUpgrade or patch according to vendor recommendations.