CVE-2008-4284

Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server versions 5.1.1.19 and earlier 5.x versions IBM WebSphere Application Server versions 6.0.x before 6.0.2.33 IBM WebSphere Application Server versions 6.1.x before 6.1.0.23

Description The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the logoutExitPage feature in the ibm security logout servlet.

Recommendations For versions 5.1.1.19 and earlier 5.x versions, update to a version later than 5.1.1.19. For versions 6.0.x before 6.0.2.33, update to version 6.0.2.33 or later. For versions 6.1.x before 6.1.0.23, update to version 6.1.0.23 or later.