Release date:
Updated on:
Affected Systems:
IBM FileNet Content Manager 4.x
Description:
--------------------------------------------------------------------------------
CVE (CAN) ID: CVE-2013-5449
IBM FileNet Content Manager is a core Content management solution for the IBM FileNet P8 platform.
In IBM FileNet Content Manager 4.5.1, 5.0.0, 5.1.0, and 5.2.0, Eclipse helps workingSet in the system. jsp is not properly filtered. After successful exploitation, arbitrary HTML and script code can be executed in the affected site user's browser.
<* Source: vendor
Link: http://secunia.com/advisories/55938/
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
IBM
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.ibm.com/support/fixcentral/
Http://www.ibm.com/support/docview.wss? Uid = swg21657493