IBM WebSphere Portal 8.0.0.x < 220.127.116.11 CF22 Unspecified XSS (PI80564)
Medium Nessus Plugin ID 102176
SynopsisThe web portal software installed on the remote Windows host is affected by a cross-site scripting vulnerability.
DescriptionThe version of IBM WebSphere Portal installed on the remote Windows host is 8.0.0.x prior to 18.104.22.168 CF22. It is, therefore, affected by a cross-site scripting (XSS) vulnerability due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user's browser session.
SolutionUpgrade to IBM WebSphere Portal 22.214.171.124 Cumulative Fix 22 (CF22) and apply Interim Fix PI80564 or later.