OnDemand User Group
Welcome,
Guest
. Please
login
or
register
.
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
News:
Home
Help
Search
Calendar
Login
Register
OnDemand User Group
»
General
»
Announcements & News
»
SECURITY BULLETIN: IBM Content Navigator
« previous
next »
Print
Pages: [
1
]
Author
Topic: SECURITY BULLETIN: IBM Content Navigator (Read 3257 times)
Justin Derrick
IBM Content Manager OnDemand Consultant
Administrator
Hero Member
Posts: 2229
CMOD Guru for hire...
SECURITY BULLETIN: IBM Content Navigator
«
on:
April 02, 2015, 05:32:08 AM »
There were two security bulletins issued April 2nd for Content Navigator ("ICN"), and ICN 2.0.3 FixPack 3 released April 1st (no joke!).
Security Bulletin: IBM Content Navigator is potentially vulnerable to cross-site scripting, caused by improper validation of user-supplied input
http://www-01.ibm.com/support/docview.wss?uid=swg21700205
Security Bulletin: IBM Content Navigator affected by dojox/form/resources/*.swf and dojox/av/resources/*.swf XSS vulnerability
http://www-01.ibm.com/support/docview.wss?uid=swg21696244
Here's the FixPack announcement:
http://www-01.ibm.com/support/knowledgecenter/SSEUEX_2.0.3/readme/icn_fixpack2.0.3.300_readme.html
Stay safe!
-JD.
Logged
IBM CMOD Professional Services:
http://TenaciousConsulting.com
Call: +1-866-533-7742 or eMail:
jd@justinderrick.com
IBM CMOD Wiki:
https://CMOD.wiki/
FREE IBM CMOD Education & Webinars:
https://CMOD.Training/
Interests: #AIX #Linux #Multiplatforms #DB2 #TSM #SP #Performance #Security #Audits #Customizing #Availability #HA #DR
Print
Pages: [
1
]
« previous
next »
OnDemand User Group
»
General
»
Announcements & News
»
SECURITY BULLETIN: IBM Content Navigator
