Plumtree Corporate Portal Cross Site Scripting Vulnerability

info
discussion
exploit
solution
references

Plumtree Corporate Portal Cross Site Scripting Vulnerability

Solution:
Plumtree has acknowledged this issue and has included a fix in Corporate Portal 4.5 Service Pack 1. As well, Hotfix 6 has been released to address this issue in Corporate Portal 4.0 SP1. Reportedly this issue is documented in Plumtree supportnet article ID 11012, which is available from the Plumtree supportnet community.