CVE-2014-6093

CVE-2014-6093

EPSS 1.5%

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.x before 7.0.0.2 CF29, 8.0.x through 8.0.0.1 CF14, and 8.5.x before 8.5.0 CF02 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://secunia.com/advisories/59752 http://secunia.com/advisories/60912 https://exchange.xforce.ibmcloud.com/vulnerabilities/95921 http://www-01.ibm.com/support/docview.wss?uid=swg1PI24678 http://www-01.ibm.com/support/docview.wss?uid=swg21689849 http://www.securitytracker.com/id/1031359