Discussion:
XSS and Host on Demand
(too old to reply)
Joe Sumi
2018-06-06 14:00:44 UTC
Permalink
Raw Message
Hello, has anyone encountered a situation with a Cross-site scripting (XSS) vulnerability with 3270 emulation software, such as webpages for IBM's Host on Demand (HOD) ? If so, how did you remediate it ? (IBM did not offer anything useful).

Thanks, Joe

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN
Joe Monk
2018-06-06 14:07:48 UTC
Permalink
Raw Message
The easiest way to remediate that is to use a URL filter (bluecoat, Cisco
Sourcefire) that check URLS going thru the firewall and block any that
contain scripting...

Joe
Post by Joe Sumi
Hello, has anyone encountered a situation with a Cross-site scripting
(XSS) vulnerability with 3270 emulation software, such as webpages for
IBM's Host on Demand (HOD) ? If so, how did you remediate it ? (IBM did not
offer anything useful).
Thanks, Joe
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN
Loading...