Ibm

Websphere Portal

126 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2015-4998

  • EPSS 0.27%
  • Published 21.12.2015 11:59:03
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote attackers to inject arbitrary web scri...

6.1

CVE-2015-4993

  • EPSS 0.23%
  • Published 21.12.2015 11:59:02
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote attackers to inject arbitrary web scri...

7.8

CVE-2015-7419

  • EPSS 0.94%
  • Published 14.11.2015 03:59:06
  • Last modified 12.04.2025 10:46:40

IBM WebSphere Portal 8.0.0.1 before CF19 and 8.5.0 before CF09 allows remote attackers to cause a denial of service (memory consumption) via crafted requests.

6.8

CVE-2015-4997

  • EPSS 0.25%
  • Published 29.10.2015 11:59:06
  • Last modified 12.04.2025 10:46:40

IBM WebSphere Portal 8.5.0 before CF08 allows remote attackers to bypass intended access restrictions via a crafted request.

5

CVE-2014-8912

  • EPSS 0.22%
  • Published 28.10.2015 18:59:00
  • Last modified 12.04.2025 10:46:40

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 through 8.0.0.1 CF18, and 8.5.0 before CF08 improperly restricts resource access, which allows remote attackers to obtain sensitive informa...

7.8

CVE-2015-1943

  • EPSS 0.94%
  • Published 14.09.2015 22:59:00
  • Last modified 12.04.2025 10:46:40

IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 CF17, and 8.5.0 before CF06 allows remote attackers to cause a denial of service (CPU and memory consumption) via a craf...

3.5

CVE-2015-1944

  • EPSS 0.16%
  • Published 14.07.2015 14:59:01
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF17 and 8.5.0 before CF06 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

5

CVE-2015-1887

  • EPSS 0.29%
  • Published 14.07.2015 14:59:00
  • Last modified 12.04.2025 10:46:40

IBM WebSphere Portal 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF17, and 8.5.0 before CF06 allows remote attackers to obtain sensitive Java Content Repository (JCR) information via a crafted request.

4.3

CVE-2015-1917

  • EPSS 0.23%
  • Published 14.07.2015 14:59:00
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in the Active Content Filtering component in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF17, and 8.5.0 before CF06 allows rem...

6.4

CVE-2015-1921

  • EPSS 0.23%
  • Published 25.05.2015 00:59:11
  • Last modified 12.04.2025 10:46:40

Open redirect vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF17 and 8.5.0 before CF06 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.