CVE-2016-8936

Description

IBM Social Rendering Templates for Digital Data Connector is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

Affected products

• IBM Corporation / WebSphere Portal5.1.0.0 – 5.1.0.0
• IBM Corporation / WebSphere Portal5.1.0.1 – 5.1.0.1
• IBM Corporation / WebSphere Portal5.1.0.2 – 5.1.0.2
• IBM Corporation / WebSphere Portal5.1.0.3 – 5.1.0.3
• IBM Corporation / WebSphere Portal5.1.0.4 – 5.1.0.4
• IBM Corporation / WebSphere Portal5.1.0.5 – 5.1.0.5
• IBM Corporation / WebSphere Portal6.0.0.0 – 6.0.0.0
• IBM Corporation / WebSphere Portal6.0.0.1 – 6.0.0.1
• IBM Corporation / WebSphere Portal6.0.1.1 – 6.0.1.1
• IBM Corporation / WebSphere Portal6.0.1.3 – 6.0.1.3
• IBM Corporation / WebSphere Portal6.1.0.0 – 6.1.0.0
• IBM Corporation / WebSphere Portal6.0.1.5 – 6.0.1.5
• IBM Corporation / WebSphere Portal6.0.1.2 – 6.0.1.2
• IBM Corporation / WebSphere Portal6.0.1.4 – 6.0.1.4
• IBM Corporation / WebSphere Portal6.1.0.1 – 6.1.0.1
• IBM Corporation / WebSphere Portal6.1.0.2 – 6.1.0.2
• IBM Corporation / WebSphere Portal6.1.0.3 – 6.1.0.3
• IBM Corporation / WebSphere Portal6.0.1.5 build wp6015_008_01 – 6.0.1.5 build wp6015_008_01
• IBM Corporation / WebSphere Portal6.0.0.2 – 6.0.0.2
• IBM Corporation / WebSphere Portal6.0.0.3 – 6.0.0.3
• IBM Corporation / WebSphere Portal6.0.0.4 – 6.0.0.4
• IBM Corporation / WebSphere Portal6.0.1.0 – 6.0.1.0
• IBM Corporation / WebSphere Portal6.0.1.6 – 6.0.1.6
• IBM Corporation / WebSphere Portal6.0.1.7 – 6.0.1.7
• IBM Corporation / WebSphere Portal6.1.5.0 – 6.1.5.0
• IBM Corporation / WebSphere Portal7.0 – 7.0
• IBM Corporation / WebSphere Portal7.0.0.1 – 7.0.0.1
• IBM Corporation / WebSphere Portal8.0 – 8.0
• IBM Corporation / WebSphere Portal1.0 – 1.0
• IBM Corporation / WebSphere Portal8.0.0.1 – 8.0.0.1
• IBM Corporation / WebSphere Portal7.0.0.2 – 7.0.0.2
• IBM Corporation / WebSphere Portal6.1.0.4 – 6.1.0.4
• IBM Corporation / WebSphere Portal6.1.0.5 – 6.1.0.5
• IBM Corporation / WebSphere Portal6.1.0.6 – 6.1.0.6
• IBM Corporation / WebSphere Portal6.1.5.1 – 6.1.5.1
• IBM Corporation / WebSphere Portal6.1.5.2 – 6.1.5.2
• IBM Corporation / WebSphere Portal6.1.5.3 – 6.1.5.3
• IBM Corporation / WebSphere Portal8 – 8
• IBM Corporation / WebSphere Portal7 – 7
• IBM Corporation / WebSphere Portal6.1.5 – 6.1.5
• IBM Corporation / WebSphere Portal6.1.0 – 6.1.0
• IBM Corporation / WebSphere Portal6.0.1 – 6.0.1
• IBM Corporation / WebSphere Portal6.0.0 – 6.0.0
• IBM Corporation / WebSphere Portal8.5 – 8.5
• IBM Corporation / WebSphere Portal6.1 – 6.1
• IBM Corporation / WebSphere Portal6.0 – 6.0
• IBM Corporation / WebSphere Portal8.5.0 – 8.5.0

References

• MISChttp://www.ibm.com/support/docview.wss?uid=swg21993895
• MISChttp://www.securityfocus.com/bid/94443