3 matches found
CVE-2014-0828
Cross-site scripting XSS vulnerability in the WCM Web Content Manager UI in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF27, and 8.0.0.x before 8.0.0.1 CF11 allows remote attackers to inject arbitrary web script or HTML via unspecified...
CVE-2014-0828
CVE-2014-0828 is an XSS in IBM WebSphere Portal's Web Content Manager UI affecting WebSphere Portal 6.1.0.x (up to 6.1.0.6 CF27), 6.1.5.x (up to 6.1.5.3 CF27), 7.0.0.x (up to 7.0.0.2 CF27), and 8.0.0.x before 8.0.0.1 CF11. The root cause is insufficient input filtering in the WCM UI/Social Render...
IBM WebSphere Portal Web Content Manager UI 跨站脚本漏洞
CVE ID:CVE-2014-0828 IBM WebSphere Portal提供了一个组合应用程序或业务mashup框架,并且提供了一种高级工具来构造灵活的,基于SOA的解决方案。 由于某些关于社会渲染功能的输入在返回用户前没有正确过滤,攻击者可以利用漏洞在受影响站点上下文的用户浏览器会话中执行任意HTML和脚本代码。 0 IBM WebSphere Portal 6.x IBM WebSphere Portal 7.x IBM WebSphere Portal 8.x IBM WebSphere Portal 8.0.0.1 CF11版本以修复此漏洞,建议用户下载使用:...