What is CVE-2018-1361?

CVE-2018-1361 is a vulnerability in Ibm Websphere Portal. Published 2018-01-11.

Is CVE-2018-1361 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Ibm Websphere Portal

CVE-2018-1361

IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure…

EPSS: 0.004 (61.4th percentile) — read the EPSS interpretation.

Affected products

Ibm Websphere Portal — versions 9.0, 8.5

Public proof-of-concept exploits

CybVulnHunter/nmap-guidelines

References

www.ibm.com/support/docview.wss (x_refsource_CONFIRM)
exchange.xforce.ibmcloud.com/vulnerabilities/137158 (x_refsource_MISC)
1040132 (vdb-entry, x_refsource_SECTRACK)
102501 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2018-1361?: CVE-2018-1361 is a vulnerability in Ibm Websphere Portal. Published 2018-01-11.
Is CVE-2018-1361 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.