IBM WebSphere Portal 7.0.0.x < 18.104.22.168 CF30 Unspecified XSS (PI80564)
Medium Nessus Plugin ID 102175
SynopsisThe web portal software installed on the remote Windows host is affected by a cross-site scripting vulnerability.
DescriptionThe version of IBM WebSphere Portal installed on the remote Windows host is 7.0.0.x prior to 22.214.171.124 CF30. It is, therefore, affected by a cross-site scripting (XSS) vulnerability due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user's browser session.
SolutionUpgrade to IBM WebSphere Portal 126.96.36.199 Cumulative Fix 30 (CF30) and apply Interim Fix PI80564 or later.