Cross site scripting

2013-08-1601:55:00

PRIOn knowledge base

www.prio-n.com

5.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.1%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere Portal before 8.0.0.1 CF07 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Portal, (2) Portal 7.0.0.2, (3) Portal 8.0, or (4) PortalWeb2 theme.

CPENameOperatorVersion
websphere_portaleq7.0.0.1
websphere_portaleq5.1.0.3
websphere_portaleq6.0.0.4
websphere_portaleq6.0.1.0
websphere_portaleq8.0.0.1
websphere_portaleq6.0.1.3
websphere_portaleq7.0.0.1 cf4
websphere_portaleq7.0.0.0
websphere_portaleq8.0.0.0
websphere_portaleq7.0.0.2 cf17

Name	Operator	Version
websphere_portal	eq	7.0.0.1
websphere_portal	eq	5.1.0.3
websphere_portal	eq	6.0.0.4
websphere_portal	eq	6.0.1.0
websphere_portal	eq	8.0.0.1
websphere_portal	eq	6.0.1.3
websphere_portal	eq	7.0.0.1 cf4
websphere_portal	eq	7.0.0.0
websphere_portal	eq	8.0.0.0
websphere_portal	eq	7.0.0.2 cf17