IBM Security Bulletin: Vulnerability with Java Portlet Specification JSR 286 may affect WebSphere Application Server (CVE-2015-1926)

There has been a change to the Java Portlet Specification 2.0 (JSR 286) that may affect some configurations of WebSphere Application Server. CVE(s):   CVE-2015-1926 Affected product(s) and affected version(s): ...

from IBM Product Security Incident Response Team http://ift.tt/1JUVWuD