source: https://www.securityfocus.com/bid/9488/info
IBM Net.Data is prone to cross-site scripting attacks via error message output. This may permit a remote attack to create a link to a system hosting the software that includes embedded HTML and script code. This hostile code may be rendered in the web browser of a user who follows the malicious link.
Exploitation could permit theft of cookie-based authentication credentials or other attacks.
http://www.example.com/cgi-bin/db2www/<script>alert(document.domain)</script>/A
