Ibm Websphere Portal
20 CVEs affecting Ibm Websphere Portal. Latest disclosed: 2018-10-12. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-1577 | High | 7.5 | 2017-09-28 | IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL… |
CVE-2018-1736 | High | 7.4 | 2018-09-27 | IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to… |
CVE-2018-1673 | Medium | 6.1 | 2018-10-12 | IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the We… |
CVE-2018-1716 | Medium | 6.1 | 2018-09-27 | IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the We… |
CVE-2018-1483 | Medium | 6.1 | 2018-04-11 | IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus a… |
CVE-2017-1303 | Medium | 6.1 | 2017-07-31 | IBM WebSphere Portal and Web Content Manager 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary J… |
CVE-2017-1217 | Medium | 6.1 | 2017-07-05 | IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus a… |
CVE-2018-1820 | Medium | 5.4 | 2018-09-27 | IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI… |
CVE-2018-1660 | Medium | 5.4 | 2018-09-27 | IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the We… |
CVE-2018-1444 | Medium | 5.4 | 2018-03-14 | IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus a… |
CVE-2017-1536 | Medium | 5.4 | 2017-12-11 | IBM Support Tools for Lotus WCM (IBM WebSphere Portal 7.0, 8.0, 8.5 and 9.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed ar… |
CVE-2018-1420 | Medium | 5.3 | 2018-10-01 | IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box configuration during Combined Cumulative Fix (CF) installation… |
CVE-2017-1698 | Medium | 5.3 | 2017-12-27 | IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could reveal sensitive information from an error message that could lead to further attacks against the system. IBM… |
CVE-2017-1423 | Medium | 5.3 | 2017-12-20 | IBM WebSphere Portal 8.5 and 9.0 exposes backend server URLs that are configured for usage by the Web Application Bridge component. IBM X-Force ID: 127476. |
CVE-2018-1672 | Medium | 5.0 | 2018-10-01 | IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the… |
CVE-2018-1445 | | 2018-04-17 | IBM WebSphere Portal 8.0.0 through 8.0.0.1, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript c… | |
CVE-2018-1416 | | 2018-02-27 | IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the We… | |
CVE-2018-1401 | | 2018-02-09 | IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI… | |
CVE-2017-1761 | | 2018-02-09 | IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the We… | |
CVE-2018-1361 | | 2018-01-11 | IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus a… |