CVE-2009-4152
IBM WebSphere Portal <6.1.0.3 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in the Collaboration component in IBM WebSphere Portal 6.1.x before 6.1.0.3 allows remote attackers to inject arbitrary web script or HTML via the people picker tag.
References (5)
Scores
EPSS
0.0032
EPSS Percentile
54.8%
Classification
CWE
CWE-79
Status
published
Affected Products (4)
ibm/websphere_portal
ibm/websphere_portal
ibm/websphere_portal
n/a/n/a
Timeline
Published
Dec 02, 2009
Tracked Since
Feb 18, 2026