CVE-2006-6537 Information

Description

IBM WebSphere Host On-Demand 6.0 7.0 8.0 9.0 and possibly 10 allows remote attackers to bypass authentication via a modified pnl parameter related to hod/HODAdmin.html and hod/frameset.html.

Reference

http://secunia.com/advisories/22652 http://securityreason.com/securityalert/2030 http://www.securityfocus.com/archive/1/454050/100/0/threaded http://www.vupen.com/english/advisories/2006/4943 https://exchange.xforce.ibmcloud.com/vulnerabilities/30826