IBM WebSphere Portal Cross Site Scripting and Unspecified Security Vulnerabilities

IBM WebSphere Portal Cross Site Scripting and Unspecified Security Vulnerabilities

IBM WebSphere Portal is prone to these security vulnerabilities:

- A cross-site scripting vulnerability.
- An unspecified security vulnerability related to 'XMLACCESS'.

An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and steal cookie-based authentication credentials. The impact of the other issue is unknown.

Versions prior to IBM WebSphere Portal 6.1.0.3 are vulnerable.