News archive
IBM WebSphere Portal ‘Portlet Palette’ Cross-Site Scripting vulnerability
We discovered an IBM WebSphere Portal ‘Portlet Palette’ Cross-Site Scripting vulnerability. After we reported this vulnerability IBM reported this on their site, including a fix.
CVE reference: CVE-2010-0704
Vulnerability discovered: November 16, 2009
Discovered by: Sjoerd Resink, Fox-IT BV
Reported to vendor: January 11, 2010
Fix available: February 19, 2010
Product
IBM® WebSphere® Portal consists of middleware applications (called portlets), and development tools for building and managing secure business-to-business (B2B), business-to-consumer (B2C), and business-to-employee (B2E) portals. More information about the product can be found here.
Vulnerability
The search field within the Portlet Palette of IBM WebSphere Portal is vulnerable to Cross-Site Scripting (XSS). The vulnerability specifically resides in the ‘title’ parameter. Authentication is required to exploit this vulnerability. Fox-IT verified that IBM WebSphere Portal version 6.0.1.5
Build Level wp6015_008_01 is vulnerable. It is unknown if other versions are affected as well.
You can find the fix here.
Please click here for our advisory.
