Filtered by vendor Ibm
Subscriptions
Filtered by product Websphere Portal
Subscriptions
Total
128 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2014-6125 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Portal 8.5.0 before CF03 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. | ||||
CVE-2014-6126 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 before CF03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2014-0952 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
Cross-site scripting (XSS) vulnerability in boot_config.jsp in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF28, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2014-6214 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF15 and 8.5.0 before CF05 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. | ||||
CVE-2014-8912 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 through 8.0.0.1 CF18, and 8.5.0 before CF08 improperly restricts resource access, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by configuration information. | ||||
CVE-2014-8902 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
Cross-site scripting (XSS) vulnerability in the Blog Portlet in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 through 8.0.0.1 CF14, and 8.5.0 before CF04 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | ||||
CVE-2014-0951 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
Cross-site scripting (XSS) vulnerability in FilterForm.jsp in IBM WebSphere Portal 7.0 before 7.0.0.2 CF28 and 8.0 before 8.0.0.1 CF12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2015-0195 | 1 Ibm | 2 Content Template Catalog, Websphere Portal | 2025-04-12 | N/A |
Cross-site scripting (XSS) vulnerability in IBM Content Template Catalog 4.x before 4.1.4 for WebSphere Portal 8.0.x and 4.x before 4.3.1 for WebSphere Portal 8.5.x allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | ||||
CVE-2015-0139 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF15 and 8.5.0 before CF05 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | ||||
CVE-2015-1899 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
IBM WebSphere Portal 8.5 through CF05 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | ||||
CVE-2014-4762 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF13 and 8.5.0 before CF02 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | ||||
CVE-2015-1944 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF17 and 8.5.0 before CF06 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | ||||
CVE-2015-4997 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
IBM WebSphere Portal 8.5.0 before CF08 allows remote attackers to bypass intended access restrictions via a crafted request. | ||||
CVE-2015-1887 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
IBM WebSphere Portal 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF17, and 8.5.0 before CF06 allows remote attackers to obtain sensitive Java Content Repository (JCR) information via a crafted request. | ||||
CVE-2015-7413 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF19 and 8.5.0 through CF08 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | ||||
CVE-2015-7447 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF20, and 8.5.0 before CF09 allows remote attackers to bypass intended Portal AccessControl REST API access restrictions and obtain sensitive information via unspecified vectors. | ||||
CVE-2015-7491 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.x before 8.0.0.1 CF20 and 8.5.x before 8.5.0.0 CF09 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | ||||
CVE-2015-1921 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
Open redirect vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF17 and 8.5.0 before CF06 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL. | ||||
CVE-2016-0209 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 before CF09 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2014-0918 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
Directory traversal vulnerability in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF27, and 8.0 before 8.0.0.1 CF06 allows remote attackers to read arbitrary files via a crafted URL. |