What is CVE-2015-4998?

CVE-2015-4998 is a medium-severity vulnerability in Ibm Websphere_portal, classified under Cross-site Scripting. CVSS score: 6.1/10. Published 2015-12-21.

How severe is CVE-2015-4998?

Medium severity. CVSS v3 base score is 6.1 out of 10.

XSS in Ibm Websphere_portal

CVE-2015-4998

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote attackers to inject arbitra…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.003 (50.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.1 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N.

Affected products

Ibm Websphere_portal — versions 6.1.0.0, 6.1.0.1, 6.1.0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

PI47712 (vendor-advisory, x_refsource_AIXAPAR)
psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
1034284 (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2015-4998?: CVE-2015-4998 is a medium-severity vulnerability in Ibm Websphere_portal, classified under Cross-site Scripting. CVSS score: 6.1/10. Published 2015-12-21.
How severe is CVE-2015-4998?: Medium severity. CVSS v3 base score is 6.1 out of 10.