Cross-site scripting (XSS) vulnerability in IBM Content Template Catalog 4.x before 4.1.4 for WebSphere Portal 8.0.x and 4.x before 4.3.1 for WebSphere Portal 8.5.x allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

"在IBM Content Template Catalog 4.x 的4.1.4之前版本(适用于WebSphere Portal 8.0.x)以及在4.3.1之前版本(适用于WebSphere Portal 8.5.x)的WebSphere Portal 8.x中存在跨站点脚本(XSS)漏洞，允许远程攻击者通过构造的URL注入任意的Web脚本或HTML。

NVD 暂无评分

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

NVD 暂无漏洞类别信息

神龙GPT 暂无漏洞类别信息（请耐心等待）