PT-2015-6744 · Ibm · Ibm Websphere Portal
Publicado
2015-12-21
·
Atualizado
2017-09-14
·
CVE-2015-4993
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
IBM WebSphere Portal versions 6.1.0 through 6.1.0.6 CF27
IBM WebSphere Portal versions 6.1.5 through 6.1.5.3 CF27
IBM WebSphere Portal versions 7.0.0 through 7.0.0.2 CF29
IBM WebSphere Portal versions 8.0.0 before 8.0.0.1 CF19
IBM WebSphere Portal versions 8.5.0 before CF08
Description
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
Recommendations
For versions 6.1.0 through 6.1.0.6 CF27, update to a version after 6.1.0.6 CF27.
For versions 6.1.5 through 6.1.5.3 CF27, update to a version after 6.1.5.3 CF27.
For versions 7.0.0 through 7.0.0.2 CF29, update to a version after 7.0.0.2 CF29.
For versions 8.0.0 before 8.0.0.1 CF19, update to 8.0.0.1 CF19 or later.
For versions 8.5.0 before CF08, update to CF08 or later.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Websphere Portal