Vulnerability Bulletins

IBM Security Bulletin: XSS Vulnerabilities in IBM Dojo Toolkit affect WebSphere Service Registry and Repository

System information
   
Affected software IBM

Description
The IBM Dojo Toolkit shipped with WebSphere Service Registry and Repository contains files with cross-site scripting vulnerabilities. CVE(s): CVE-2014-8917 Affected product(s) and affected version(s): WebSphere Service Registry and Repository versions 7.0, 7.5, 8.0, 8.5.0.0, 8.5.0.1. Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21957732 X-Force Database:

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_xss_vulnerabilities_in_ibm_dojo_toolkit_affect_websphere_service_registry_and_repository?lang=en_us

Standar resources
Property Value
CVE CVE-2014-8917 ,CVE-2015-0488 and CVE-2015-3456.

Version history
Version Comments Date
1.0 Advisory issued 2015-05-29
Ministerio de Defensa
CNI
CCN
CCN-CERT