LO36646: CROSS SITE SCRIPTING (XSS) VULNERABILITIES IN QUICKR

 

APAR status

  • Closed as program error.

Error description

  • The customer reported potential XSS vulnerabilities in Quickr
    8.1 services for WebSphere Portal to IBM Lotus.  This issue has
    been resolved in iFix # LO36646.
    

Local fix

Problem summary

  • The security vulnerability was identified.  A code change will
    be made to address the issue.
    

Problem conclusion

  • The changes will be packaged into iFix LO36646 and superseded
    fixes will include the change.
    

Temporary fix

Comments

APAR Information

  • APAR number

    LO36646

  • Reported component name

    QUICKR FOR PORT

  • Reported component ID

    5724S3101

  • Reported release

    810

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2009-01-12

  • Closed date

    2009-09-30

  • Last modified date

    2009-09-30

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    QUICKR FOR PORT

  • Fixed component ID

    5724S3101

Applicable component levels

  • R810 PSY

       UP

Rate this page:

(0 users)Average rating

Document information


More support for:

Lotus Quickr for WebSphere Portal

Software version:

8.1

Reference #:

LO36646

Modified date:

2009-09-30

Translate my page

Machine Translation

Content navigation