CVE-2013-6725

Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server versions 7.x through 7.0.0.30 IBM WebSphere Application Server versions 8.0.x through 8.0.0.7 IBM WebSphere Application Server versions 8.5.x through 8.5.5.1

Description The issue allows remote authenticated administrators to inject arbitrary web script or HTML via a crafted URL, potentially leading to the execution of malicious scripts. This is a result of a cross-site scripting (XSS) vulnerability in the Administrative Console of IBM WebSphere Application Server.

Recommendations For IBM WebSphere Application Server versions 7.x through 7.0.0.30, update to version 7.0.0.31 or later. For IBM WebSphere Application Server versions 8.0.x through 8.0.0.7, update to version 8.0.0.8 or later. For IBM WebSphere Application Server versions 8.5.x through 8.5.5.1, update to version 8.5.5.2 or later.