Eclipse.IDE.Help.Component.XSS
Description
This indicates an attack attempt against a cross-site-scripting vulnerability in Help Contents web application in Eclipse IDE.
The vulnerability is a result of the application's failure to properly sanitize user input. As a result, Javascript encoded in a malicious URL can be executed in the context of the user that visited the site. It may result in information disclosure.
Affected Products
Eclipse Eclipse Project 3.6.1
Eclipse Eclipse Project 3.1.1
Eclipse Eclipse Project 3.1
Eclipse Eclipse Project 3.0.1
Eclipse Eclipse Project 3.0
Eclipse Eclipse Project 2.1.3
Eclipse Eclipse Project 2.1.2
Eclipse Eclipse Project 2.1.1
Eclipse Eclipse Project 2.1
Eclipse Eclipse Project 2.0
Impact
Information disclosure
Recommended Actions
Currently we are not aware of any patches supplied by the vendor for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |