IBM WebSphere Portal XSS (swg22008028)
Medium Nessus Plugin ID 102996
SynopsisThe web portal software installed on the remote Windows host is affected by a cross-site scripting vulnerability.
DescriptionThe IBM WebSphere Portal installed on the remote host is version 6.1.0.x prior to 18.104.22.168 CF27, 6.1.5.x prior to 22.214.171.124 CF27, 7.0.0.x prior to 126.96.36.199 CF30, 8.0.0.x prior to 188.8.131.52 CF22, and is therefore affected by a cross-site scripting (XSS) vulnerability.
SolutionApply the appropriate fixes per the vendor advisory.
- For 6.1.0.x, upgrade to version 184.108.40.206 CF27 and apply interim fix PI78908.
- For 6.1.5.x, upgrade to version 220.127.116.11 CF27 and apply interim fix PI78908.
- For 7.0.0.x, upgrade to version 18.104.22.168 CF30 and apply interim fix PI78908.
- For 8.0.0.x, upgrade to version 22.214.171.124 CF22 and apply interim fix PI78908.