CVE-2013-6323

Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server versions 7.x through 7.0.0.32 IBM WebSphere Application Server versions 8.x through 8.0.0.8 IBM WebSphere Application Server versions 8.5.x through 8.5.5.1 WebSphere Virtual Enterprise versions 7.x through 7.0.0.4

Description A cross-site scripting (XSS) issue in the Administration Console of IBM WebSphere Application Server and WebSphere Virtual Enterprise allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Recommendations For IBM WebSphere Application Server versions 7.x through 7.0.0.32, update to version 7.0.0.33 or later. For IBM WebSphere Application Server versions 8.x through 8.0.0.8, update to version 8.0.0.9 or later. For IBM WebSphere Application Server versions 8.5.x through 8.5.5.1, update to version 8.5.5.2 or later. For WebSphere Virtual Enterprise versions 7.x through 7.0.0.4, update to version 7.0.0.5 or later.