CVE-2014-6093

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.x before 7.0.0.2 CF29, 8.0.x through 8.0.0.1 CF14, and 8.5.x before 8.5.0 CF02 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Date published : 2014-11-25

http://www-01.ibm.com/support/docview.wss?uid=swg1PI24678

http://www-01.ibm.com/support/docview.wss?uid=swg21689849