CVE-2014-8909 Information

Feb 14, 2021 cve

Description

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27 6.1.5.x through 6.1.5.3 CF27 7.0.0.x through 7.0.0.2 CF29 8.0.0.x before 8.0.0.1 CF15 and 8.5.0 before CF05 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg1PI30620 http://www-01.ibm.com/support/docview.wss?uid=swg21694738 https://exchange.xforce.ibmcloud.com/vulnerabilities/99250

Share on: