IBM » Websphere Portal : Security Vulnerabilities, CVEs, CVSS score >= 8

CVE-2017-1156

IBM WebSphere Portal 8.5 and 9.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force. ID: 122592
Max CVSS
8.8
EPSS Score
0.73%
Published
2017-05-05
Updated
2019-10-03

CVE-2016-2901

Cross-site request forgery (CSRF) vulnerability in the PA_Theme_Creator application in IBM WebSphere Portal 8.5 CF08 through CF10 and Web Content Manager allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Max CVSS
8.8
EPSS Score
0.09%
Published
2016-06-26
Updated
2016-08-18

CVE-2008-5675

Unspecified vulnerability in IBM WebSphere Portal 6.0 before 6.0.1.5 has unknown impact and attack vectors related to "Access problems with BasicAuthTAI."
Max CVSS
10.0
EPSS Score
0.28%
Published
2008-12-19
Updated
2011-03-08
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close