CVE-2013-0585

Name of the Vulnerable Software and Affected Versions IBM InfoSphere Information Server versions prior to 8.5 FP4 IBM InfoSphere Information Server versions 8.7 through FP2 IBM InfoSphere Information Server version 9.1

Description The issue allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the web console and repository management user interfaces.

Recommendations For IBM InfoSphere Information Server versions prior to 8.5 FP4, update to version 8.5 FP4 or later. For IBM InfoSphere Information Server versions 8.7 through FP2, update to version 8.7 FP3 or later. For IBM InfoSphere Information Server version 9.1, update to a newer version that contains a fix for this issue.