CVE-2014-6132

Name of the Vulnerable Software and Affected Versions IBM WebSphere Service Registry and Repository (WSRR) versions 6.3 through 6.3.0.5 IBM WebSphere Service Registry and Repository (WSRR) versions 7.0.x through 7.0.0.5 IBM WebSphere Service Registry and Repository (WSRR) versions 7.5.x through 7.5.0.4 IBM WebSphere Service Registry and Repository (WSRR) versions 8.0.x before 8.0.0.3 IBM WebSphere Service Registry and Repository (WSRR) versions 8.5.x before 8.5.0.1

Description A cross-site scripting (XSS) issue in the Web UI of IBM WebSphere Service Registry and Repository (WSRR) allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Recommendations For versions 6.3 through 6.3.0.5, update to a version after 6.3.0.5. For versions 7.0.x through 7.0.0.5, update to a version after 7.0.0.5. For versions 7.5.x through 7.5.0.4, update to a version after 7.5.0.4. For versions 8.0.x before 8.0.0.3, update to version 8.0.0.3 or later. For versions 8.5.x before 8.5.0.1, update to version 8.5.0.1 or later.