CVE-2018-1660

Name of the Vulnerable Software and Affected Versions IBM WebSphere Portal versions 7.0 through 9.0

Description The issue exists due to insufficient protection of the web page structure, allowing a remote attacker to embed arbitrary JavaScript code in the web interface, potentially leading to credentials disclosure within a trusted session.

Recommendations For IBM WebSphere Portal versions 7.0 through 9.0, update to a version that includes the fix for this issue to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.