Ibm

Websphere Portal

126 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2015-4998

  • EPSS 0.27%
  • Veröffentlicht 21.12.2015 11:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote attackers to inject arbitrary web scri...

6.1

CVE-2015-4993

  • EPSS 0.23%
  • Veröffentlicht 21.12.2015 11:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote attackers to inject arbitrary web scri...

7.8

CVE-2015-7419

  • EPSS 0.94%
  • Veröffentlicht 14.11.2015 03:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM WebSphere Portal 8.0.0.1 before CF19 and 8.5.0 before CF09 allows remote attackers to cause a denial of service (memory consumption) via crafted requests.

6.8

CVE-2015-4997

  • EPSS 0.25%
  • Veröffentlicht 29.10.2015 11:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM WebSphere Portal 8.5.0 before CF08 allows remote attackers to bypass intended access restrictions via a crafted request.

5

CVE-2014-8912

  • EPSS 0.22%
  • Veröffentlicht 28.10.2015 18:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 through 8.0.0.1 CF18, and 8.5.0 before CF08 improperly restricts resource access, which allows remote attackers to obtain sensitive informa...

7.8

CVE-2015-1943

  • EPSS 0.94%
  • Veröffentlicht 14.09.2015 22:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 CF17, and 8.5.0 before CF06 allows remote attackers to cause a denial of service (CPU and memory consumption) via a craf...

3.5

CVE-2015-1944

  • EPSS 0.16%
  • Veröffentlicht 14.07.2015 14:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF17 and 8.5.0 before CF06 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

5

CVE-2015-1887

  • EPSS 0.29%
  • Veröffentlicht 14.07.2015 14:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM WebSphere Portal 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF17, and 8.5.0 before CF06 allows remote attackers to obtain sensitive Java Content Repository (JCR) information via a crafted request.

4.3

CVE-2015-1917

  • EPSS 0.23%
  • Veröffentlicht 14.07.2015 14:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in the Active Content Filtering component in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF17, and 8.5.0 before CF06 allows rem...

6.4

CVE-2015-1921

  • EPSS 0.23%
  • Veröffentlicht 25.05.2015 00:59:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Open redirect vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF17 and 8.5.0 before CF06 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.