CVE-2013-6323 Information

Description

Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server (WAS) 7.x before 7.0.0.33 8.x before 8.0.0.9 and 8.5.x before 8.5.5.2 and WebSphere Virtual Enterprise 7.x before 7.0.0.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Reference

http://www.securityfocus.com/bid/67720 http://www-01.ibm.com/support/docview.wss?uid=swg1PI04777 http://www-01.ibm.com/support/docview.wss?uid=swg1PI04880 http://www-01.ibm.com/support/docview.wss?uid=swg21669554 http://www-01.ibm.com/support/docview.wss?uid=swg21676091 http://www-01.ibm.com/support/docview.wss?uid=swg21676092 https://exchange.xforce.ibmcloud.com/vulnerabilities/88903