CVE-2014-4763

Name of the Vulnerable Software and Affected Versions IBM FileNet Content Manager versions 5.2.x before 5.2.0.3-P8CPE-IF003 IBM Content Foundation versions 5.2.x before 5.2.0.3-P8CPE-IF003

Description A cross-site scripting (XSS) issue allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. This affects the Content Navigator in Content Engine.

Recommendations For IBM FileNet Content Manager versions 5.2.x before 5.2.0.3-P8CPE-IF003, update to version 5.2.0.3-P8CPE-IF003 or later. For IBM Content Foundation versions 5.2.x before 5.2.0.3-P8CPE-IF003, update to version 5.2.0.3-P8CPE-IF003 or later.