CVE-2014-0917 Information

Description

Cross-site scripting (XSS) vulnerability in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27 6.1.5 through 6.1.5.3 CF27 7.0 through 7.0.0.2 CF27 and 8.0 before 8.0.0.1 CF06 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

Reference

http://www.securityfocus.com/bid/67339 http://www-01.ibm.com/support/docview.wss?uid=swg1PI14125 http://www-01.ibm.com/support/docview.wss?uid=swg21670753 https://exchange.xforce.ibmcloud.com/vulnerabilities/91979