IBM WebSphere Portal Cross Site Scripting and Unspecified Security Vulnerabilities
IBM WebSphere Portal is prone to these security vulnerabilities:
- A cross-site scripting vulnerability.
- An unspecified security vulnerability related to 'XMLACCESS'.
An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and steal cookie-based authentication credentials. The impact of the other issue is unknown.
Versions prior to IBM WebSphere Portal 184.108.40.206 are vulnerable.