CVE-2014-6093 Information

Description

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.x before 7.0.0.2 CF29 8.0.x through 8.0.0.1 CF14 and 8.5.x before 8.5.0 CF02 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Reference

http://secunia.com/advisories/59752 http://secunia.com/advisories/60912 http://www.securitytracker.com/id/1031359 http://www-01.ibm.com/support/docview.wss?uid=swg1PI24678 http://www-01.ibm.com/support/docview.wss?uid=swg21689849 https://exchange.xforce.ibmcloud.com/vulnerabilities/95921