IBM WebSphere Portal XSS (swg22008028)
Medium Nessus Plugin ID 102996
SynopsisThe web portal software installed on the remote Windows host is affected by a cross-site scripting vulnerability.
DescriptionThe IBM WebSphere Portal installed on the remote host is version 6.1.0.x prior to 126.96.36.199 CF27, 6.1.5.x prior to 188.8.131.52 CF27, 7.0.0.x prior to 184.108.40.206 CF30, 8.0.0.x prior to 220.127.116.11 CF22, and is therefore affected by a cross-site scripting (XSS) vulnerability.
SolutionApply the appropriate fixes per the vendor advisory.
- For 6.1.0.x, upgrade to version 18.104.22.168 CF27 and apply interim fix PI78908.
- For 6.1.5.x, upgrade to version 22.214.171.124 CF27 and apply interim fix PI78908.
- For 7.0.0.x, upgrade to version 126.96.36.199 CF30 and apply interim fix PI78908.
- For 8.0.0.x, upgrade to version 188.8.131.52 CF22 and apply interim fix PI78908.