CVE-2018-1716

Name of the Vulnerable Software and Affected Versions IBM WebSphere Portal versions 7.0 through 9.0

Description The issue exists due to insufficient protection of the web page structure, allowing a remote attacker to embed arbitrary JavaScript code in the web interface, potentially leading to credentials disclosure within a trusted session.

Recommendations For versions 7.0 through 9.0, update to a version that includes the fix for this issue to prevent exploitation. As a temporary workaround, consider restricting access to the web interface to minimize the risk of arbitrary JavaScript code injection.