1723474 - Cross Site Scripting issues

There are cross-site scripting vulnerabilities in the following URLs:

• http://<server>:<port>/admin/CMC/<UID>/admin/logon.faces
• http://<server>:<port>/BOE/portal/<UID>/PlatformServices/service/app/logon.do
• http://<server>:<port>/admin/CMC/<UID>/PlatformServices/service/app/timeout.do
• http://<server>:<port>/admin/CMC/<UID>/PlatformServices/jsp/Help/helpRedirect.faces
• http://<server>:<port>//admin/CMC/<UID>/admin/App/frameset.jsp

This is tracked under ADAPT01632353

The fix for this appears in Patch 2.16

KBA , BI-BIP-DEP , Webapp Deployment, Networking, Vulnerabilities, Webservices , Problem