Описание
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.x before 7.0.0.2 CF29, 8.0.x through 8.0.0.1 CF14, and 8.5.x before 8.5.0 CF02 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.x before 7.0.0.2 CF29, 8.0.x through 8.0.0.1 CF14, and 8.5.x before 8.5.0 CF02 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-6093
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95921
- http://secunia.com/advisories/59752
- http://secunia.com/advisories/60912
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI24678
- http://www-01.ibm.com/support/docview.wss?uid=swg21689849
- http://www.securitytracker.com/id/1031359
Связанные уязвимости
nvd
около 11 лет назад
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.x before 7.0.0.2 CF29, 8.0.x through 8.0.0.1 CF14, and 8.5.x before 8.5.0 CF02 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.