Security Bulletin: Open Redirect and Cross-Site Scripting Vulnerabilities in the IBM InfoSphere Discovery Information Center (CVE-2012-2159, CVE-2012-2161)
IBM PSIRT 270004PFE3 firstname.lastname@example.org | | Tags:  psirtim psirtmedium
0 Comments | 1,127 Visits
The InfoSphere Discovery Information Center package gives you local access to all of the information you need to take full advantage of the Discovery product. Some scripts in the help system used by InfoSphere Discovery Information Center are vulnerable to open redirect or cross-site scripting attacks.
Affected product(s) and Version(s):
IBM InfoSphere Discovery Information Center Version 4.5.1
IBM InfoSphere Discovery Version 4.5.1 for Information Integration
IBM InfoSphere Discovery Version 4.5.1 for z/OS
IBM InfoSphere Discovery Version 4.5.1 for Information Integration Workgroup edition
Refer to the following reference URLs for remediation and additional vulnerability details.
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21617872