Problem: DOJO LIBRARY USED BY IBM PRODUCTS IS VULNERABLE TO CROSS SITE SCRIPTING ATTACKS. Fixed by: Interim Fix JR52393 1. Interim fix dependencies =========================== - Prerequisites: None - Supersedes: none 2. Interim fix installation order (Installation Manager) ======================================================== JR52393 (repository name 8.5.5.0-WS-WBM-IFJR52393) 3. Interim Fix Installation instructions ======================================== a. Stop the stand-alone server or network deployment environment. b. For each physical installation (of Business Process Manager, Business Monitor, or stand-alone Business Space) in the environment, perform the following steps: i. Download 8.5.5.0-WS-WBM-IFJR52393.zip ii. Unzip 8.5.5.0-WS-WBM-IFJR52393.zip to a temporary directory and point Installation Manager to the temporary directory. Install the interim fix using instructions at http://www-01.ibm.com/support/docview.wss?uid=swg21417656 Note: This fix deletes some .swf files from the dojo library packaged by the Business Space component. Even though Business Space packages these flash files, the files are not actually used by Business Space. 4. Uninstall Instructions ========================= a. Stop the stand-alone server or network deployment environment. b. For each physical installation (of Business Process Manager, Business Monitor, or stand-alone Business Space) in the environment, uninstall the JR52393 interim fix using Installation Manager. c. Start the stand-alone server or network deployment environment.