CVE-2014-0953

Name of the Vulnerable Software and Affected Versions IBM WebSphere Portal versions 6.1.0.0 through 6.1.0.6 IBM WebSphere Portal versions 6.1.5.0 through 6.1.5.3 IBM WebSphere Portal versions 7.0.0 through 7.0.0.2 IBM WebSphere Portal versions 8.0.0 before 8.0.0.1 CF12

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a crafted URL. This can be exploited by injecting malicious code into a website, potentially leading to unauthorized actions.

Recommendations For versions 6.1.0.0 through 6.1.0.6, update to a version outside of this range to resolve the issue. For versions 6.1.5.0 through 6.1.5.3, update to a version outside of this range to resolve the issue. For versions 7.0.0 through 7.0.0.2, update to a version outside of this range to resolve the issue. For versions 8.0.0 before 8.0.0.1 CF12, update to 8.0.0.1 CF12 or later to resolve the issue.