CVE-2013-6328 Information

Description

Cross-site scripting (XSS) vulnerability in the Web Content Manager (WCM) UI in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27 6.1.5.x through 6.1.5.3 CF27 7.0.0.x through 7.0.0.2 CF26 and 8.0.0.x before 8.0.0.1 CF09 allows remote attackers to inject arbitrary web script or HTML via vectors involving IFRAME elements.

Reference

http://osvdb.org/101269 http://www.securityfocus.com/bid/64495 http://www-01.ibm.com/support/docview.wss?uid=swg1PM96345 http://www-01.ibm.com/support/docview.wss?uid=swg21660011 https://exchange.xforce.ibmcloud.com/vulnerabilities/88909