CVE-2015-4998 | HackTesting

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-4993.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1PI47712

http://www-01.ibm.com/support/docview.wss?uid=swg21970176

http://www.securitytracker.com/id/1034284