Vulnonym.com

CVE-2015-1917 - Curtate Removal

Description

Cross-site scripting (XSS) vulnerability in the Active Content Filtering component in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27 6.1.5 through 6.1.5.3 CF27 7.0.0 through 7.0.0.2 CF29 8.0.0 before 8.0.0.1 CF17 and 8.5.0 before CF06 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg21958024 http://www-01.ibm.com/support/docview.wss?uid=swg1PI38732 http://www.securityfocus.com/bid/75479 http://www.securitytracker.com/id/1032970