Cross-site scripting (XSS) vulnerability in the Web Content Manager - Web Content Viewer Portlet in the server in IBM WebSphere Portal 7.0.0.x up to and including 7.0.0.2 CF22 and 8.0.0.x up to and including 8.0.0.1 CF5, when the IBM Portlet API is used, allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm websphere portal 7.0.0.1 |
||
ibm websphere portal 7.0.0.2 |
||
ibm websphere portal 7.0.0.0 |
||
ibm websphere portal 8.0.0.0 |
||
ibm websphere portal 8.0 |
||
ibm websphere portal 8.0.0.1 |