Cross-Site Scripting Vulnerability in IBM Web Experience Factory by IBM
CVE-2014-6196

Currently unrated

Key Information:

Vendor

IBM
Status
Web Experience Factory
Vendor
CVE Published:
26 November 2014

What is CVE-2014-6196?

A cross-site scripting (XSS) vulnerability exists in IBM Web Experience Factory versions 6.1.5 through 8.5.0.1. This flaw affects the WebSphere Dashboard Framework and Lotus Widget Factory, enabling remote attackers to inject arbitrary web scripts or HTML. The vulnerability arises from an error in the Dojo builder during specific WebSphere Portal configurations, resulting in improper response page construction by the application. Organizations should consider implementing the recommended patches and applying necessary security measures to safeguard against potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www-01.ibm.com/support/docview.wss?uid=swg1LO82674
vendor-advisoryx_refsource_AIXAPAR
http://www-01.ibm.com/support/docview.wss?uid=swg21690018
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg1LO82675
vendor-advisoryx_refsource_AIXAPAR

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.