IBM WebSphere Portal XSS (swg22008028)
Medium Nessus Plugin ID 102996
SynopsisThe web portal software installed on the remote Windows host is affected by a cross-site scripting vulnerability.
DescriptionThe IBM WebSphere Portal installed on the remote host is version 6.1.0.x prior to 220.127.116.11 CF27, 6.1.5.x prior to 18.104.22.168 CF27, 7.0.0.x prior to 22.214.171.124 CF30, 8.0.0.x prior to 126.96.36.199 CF22, and is therefore affected by a cross-site scripting (XSS) vulnerability.
SolutionApply the appropriate fixes per the vendor advisory.
- For 6.1.0.x, upgrade to version 188.8.131.52 CF27 and apply interim fix PI78908.
- For 6.1.5.x, upgrade to version 184.108.40.206 CF27 and apply interim fix PI78908.
- For 7.0.0.x, upgrade to version 220.127.116.11 CF30 and apply interim fix PI78908.
- For 8.0.0.x, upgrade to version 18.104.22.168 CF22 and apply interim fix PI78908.