Ibm

Websphere Portal

126 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.5

CVE-2014-6215

  • EPSS 0.19%
  • Published 11.12.2014 23:59:00
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 before 7.0.0.2 CF29, 8.0.0 through 8.0.0.1 CF14, and 8.5.0 before CF03 allows remote authenticated users to inject arbitrar...

3.5

CVE-2014-6093

  • EPSS 0.34%
  • Published 26.11.2014 02:59:00
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.x before 7.0.0.2 CF29, 8.0.x through 8.0.0.1 CF14, and 8.5.x before 8.5.0 CF02 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

6.8

CVE-2014-6125

  • EPSS 0.16%
  • Published 28.10.2014 19:55:03
  • Last modified 12.04.2025 10:46:40

Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Portal 8.5.0 before CF03 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

4.3

CVE-2014-6126

  • EPSS 0.23%
  • Published 28.10.2014 19:55:03
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 before CF03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

6.5

CVE-2014-4808

  • EPSS 1.61%
  • Published 28.10.2014 19:55:02
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 through 8.0.0.1 CF14, and 8.5.0 before CF03 allows remote authenticated users to execute arbitrary code via unknow...

3.5

CVE-2014-4814

  • EPSS 0.58%
  • Published 28.10.2014 19:55:02
  • Last modified 12.04.2025 10:46:40

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 through 8.0.0.1 CF14, and 8.5.0 before CF03 does not properly detect recursion during entity expansion, which allows remote authenticated users...

5

CVE-2014-4821

  • EPSS 0.32%
  • Published 28.10.2014 19:55:02
  • Last modified 12.04.2025 10:46:40

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 through 8.0.0.1 CF14, and 8.5.0 before CF03 provides different web-server error codes depending on whether a requested file exists, which allow...

4

CVE-2014-4761

  • EPSS 0.23%
  • Published 10.10.2014 10:55:07
  • Last modified 12.04.2025 10:46:40

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 before 8.0.0.1 CF14, and 8.5.0 through 8.5.0.0 CF02 allows remote authenticated users to discover credentials by reading HTML source code.

3.5

CVE-2014-4762

  • EPSS 0.16%
  • Published 12.09.2014 01:55:07
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF13 and 8.5.0 before CF02 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

4

CVE-2014-4792

  • EPSS 0.51%
  • Published 12.09.2014 01:55:07
  • Last modified 12.04.2025 10:46:40

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF28, 8.0.0 through 8.0.0.1 CF13, and 8.5.0 before CF02 allows remote authenticated users to cause a denial of service (disk consumption) by uploading ...