Ibm

Websphere Portal

126 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.5

CVE-2014-6215

  • EPSS 0.19%
  • Veröffentlicht 11.12.2014 23:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 before 7.0.0.2 CF29, 8.0.0 through 8.0.0.1 CF14, and 8.5.0 before CF03 allows remote authenticated users to inject arbitrar...

3.5

CVE-2014-6093

  • EPSS 0.34%
  • Veröffentlicht 26.11.2014 02:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.x before 7.0.0.2 CF29, 8.0.x through 8.0.0.1 CF14, and 8.5.x before 8.5.0 CF02 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

6.8

CVE-2014-6125

  • EPSS 0.16%
  • Veröffentlicht 28.10.2014 19:55:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Portal 8.5.0 before CF03 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

4.3

CVE-2014-6126

  • EPSS 0.23%
  • Veröffentlicht 28.10.2014 19:55:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 before CF03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

6.5

CVE-2014-4808

  • EPSS 1.61%
  • Veröffentlicht 28.10.2014 19:55:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 through 8.0.0.1 CF14, and 8.5.0 before CF03 allows remote authenticated users to execute arbitrary code via unknow...

3.5

CVE-2014-4814

  • EPSS 0.58%
  • Veröffentlicht 28.10.2014 19:55:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 through 8.0.0.1 CF14, and 8.5.0 before CF03 does not properly detect recursion during entity expansion, which allows remote authenticated users...

5

CVE-2014-4821

  • EPSS 0.32%
  • Veröffentlicht 28.10.2014 19:55:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 through 8.0.0.1 CF14, and 8.5.0 before CF03 provides different web-server error codes depending on whether a requested file exists, which allow...

4

CVE-2014-4761

  • EPSS 0.23%
  • Veröffentlicht 10.10.2014 10:55:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 before 8.0.0.1 CF14, and 8.5.0 through 8.5.0.0 CF02 allows remote authenticated users to discover credentials by reading HTML source code.

3.5

CVE-2014-4762

  • EPSS 0.16%
  • Veröffentlicht 12.09.2014 01:55:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF13 and 8.5.0 before CF02 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

4

CVE-2014-4792

  • EPSS 0.51%
  • Veröffentlicht 12.09.2014 01:55:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF28, 8.0.0 through 8.0.0.1 CF13, and 8.5.0 before CF02 allows remote authenticated users to cause a denial of service (disk consumption) by uploading ...