
How to remediate – IBM WebSphere Portal Themes Unspecified XSS (PM90118)

1. Introduction

The IBM WebSphere Portal Themes Unspecified XSS (PM90118) vulnerability allows an attacker to execute arbitrary script in a victim’s browser. This could lead to the theft of cookies, redirection to malicious sites, or defacement of web pages. Systems running affected versions of IBM WebSphere Portal are at risk. A successful exploit can compromise confidentiality, integrity and availability.

2. Technical Explanation

The vulnerability is a cross-site scripting (XSS) flaw in the WebSphere Portal software. An attacker can inject malicious scripts into web pages viewed by other users. This requires the user to visit a specially crafted URL or interact with a compromised page. The CVE identifier for this issue is CVE-2013-0587.

  • Root cause: insufficient input validation allows untrusted data to be included in WebSphere Portal pages without proper sanitization.
  • Exploit mechanism: an attacker crafts a URL containing malicious JavaScript, which is executed in the browser of a user who visits the link. For example, an attacker could inject a script that steals session cookies.
  • Scope: Affected versions of IBM WebSphere Portal are 7.0 and 8.0.

3. Detection and Assessment

To confirm whether your system is vulnerable, check the installed version of WebSphere Portal. A thorough assessment also involves reviewing web application code for places where user input is not properly validated.

  • Quick checks: Use the IBM Installation Manager to view the installed version of WebSphere Portal.
  • Scanning: Nessus plugin ID 68934 can detect this vulnerability. This is an example only, and may require updating.
  • Logs and evidence: Examine application logs for suspicious script activity or unusual user input patterns.
  • CLI check: no command is available to check the version directly from the command line without access to WebSphere Portal itself; use the IBM Installation Manager GUI.

4. Solution / Remediation Steps

4.1 Preparation

  • Services: No services need to be stopped, but plan for potential downtime during the installation process.
  • Rollback: Revert to the previous backup if the fix causes issues. A change window may be required depending on your environment.

4.2 Implementation

  1. Download Interim Fix PM90118 from IBM Support (http://www-01.ibm.com/support/docview.wss?uid=swg21646618).
  2. Install the fix using IBM Installation Manager. Follow the on-screen instructions.

4.3 Config or Code Example

No configuration changes are required; this vulnerability is fixed by applying a patch.


4.4 Security Practices Relevant to This Vulnerability

  • Patch management: implement a regular patch management process to apply security fixes promptly.

4.5 Automation (Optional)

No automation script provided, as installation requires IBM Installation Manager GUI.

5. Verification / Validation

Verify the fix by confirming that the installed version of WebSphere Portal is 7.0.0.2 CF24 or 8.0.0.1 CF07 or later. Re-test using a vulnerability scanner to confirm the issue is resolved.

  • Post-fix check: Use IBM Installation Manager to verify that version 7.0.0.2 CF24 or 8.0.0.1 CF07 or later is installed.
  • Re-test: Run a vulnerability scan using Nessus plugin ID 68934 and confirm it no longer reports the issue.
  • Smoke test: Verify that users can still log in to WebSphere Portal and access key features.
  • Monitoring: Monitor application logs for any suspicious script activity or errors related to input validation.
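As an added example (not part of the original article), the helper below compares a version string copied from IBM Installation Manager against the fix levels stated above, so the post-fix check can be recorded consistently across many servers. The "<release> CF<n>" input format (for example "8.0.0.1 CF07") is an assumption; the minimum levels 7.0.0.2 CF24 and 8.0.0.1 CF07 are those given in this article.

```python
"""Assess a WebSphere Portal version string against the PM90118 fix levels.

Added example, not taken from the article or from IBM. The version string is
assumed to be copied from IBM Installation Manager as "<release> CF<n>".
"""
import re
from typing import Tuple

# Minimum fixed level per release stream, as stated in the article.
FIXED_LEVELS = {
    "7.0": ((7, 0, 0, 2), 24),   # 7.0.0.2 CF24
    "8.0": ((8, 0, 0, 1), 7),    # 8.0.0.1 CF07
}

# "8.0.0.1 CF07", "7.0.0.2 cf24", "8.0.0.1" (no CF suffix) are all accepted.
_VERSION_RE = re.compile(r"^\s*(\d+(?:\.\d+){1,3})\s*(?:CF\s*0*(\d+))?\s*$", re.IGNORECASE)


def parse_version(text: str) -> Tuple[Tuple[int, ...], int]:
    """Parse '8.0.0.1 CF07' into ((8, 0, 0, 1), 7). A missing CF counts as 0."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised WebSphere Portal version string: {text!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    parts = parts + (0,) * (4 - len(parts))      # pad so "8.0" compares as 8.0.0.0
    cf = int(m.group(2)) if m.group(2) else 0
    return parts, cf


def assess(text: str) -> str:
    """Return 'fixed', 'vulnerable', or 'not-covered' for the installed level.

    Release streams the article does not name (e.g. 6.1 or 8.5) return
    'not-covered' so they are reviewed manually instead of being assumed safe.
    """
    parts, cf = parse_version(text)
    stream = f"{parts[0]}.{parts[1]}"
    if stream not in FIXED_LEVELS:
        return "not-covered"
    min_parts, min_cf = FIXED_LEVELS[stream]
    # Tuple comparison orders by release first, then by cumulative fix number.
    return "fixed" if (parts, cf) >= (min_parts, min_cf) else "vulnerable"


if __name__ == "__main__":
    # Constructed sample values, one per outcome.
    for sample in ("8.0.0.1 CF07", "7.0.0.2 CF23", "8.0.0.2 CF01", "8.5.0.0 CF05"):
        print(f"{sample:15s} -> {assess(sample)}")
```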

6. Preventive Measures and Monitoring

  • Baselines: Update your security baseline to include the latest WebSphere Portal versions and recommended configurations.
  • Pipelines: Integrate SAST tools into your CI/CD pipeline to scan for XSS vulnerabilities in web application code.
  • Asset and patch process: implement a regular patch review cycle, at least monthly, and sooner for critical updates.

7. Risks, Side Effects, and Roll Back

  • Downtime: applying the fix may require downtime. Plan accordingly.

8. References and Resources

Updated on December 27, 2025
