| Vector: | Remote |
| Severity: | Low |
| Patch: | Patched |
| Impact: | Cross-site Scripting (XSS) |
| Software: | IBM WebSphere Portal 8.x , vulnerable versions: =8.5.0 |
A cross-site scripting (XSS) vulnerability has been discovered in IBM WebSphere Portal.
Vulnerability is caused by an unspecified input validation error. A remote attacker can send a specially crafted HTTP request to the vulnerable application and execute arbitrary html and scripting code in user`s browser in context of a vulnerable website.
Further exploitation of this vulnerability may result in stealing potentially sensitive to the user information, such as cookies, or disguising the information presented on the website.
Links: http://www.ibm.com/support/docview.wss
