Vulnerability Details CVE-2015-7413
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF19 and 8.5.0 through CF08 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.9%
CVSS Severity
CVSS v2 Score 4.3
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI50844
- http://www-01.ibm.com/support/docview.wss?uid=swg21970176
- http://www.securitytracker.com/id/1034284
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI50844
- http://www-01.ibm.com/support/docview.wss?uid=swg21970176
- http://www.securitytracker.com/id/1034284
Products affected by CVE-2015-7413
-
cpe:2.3:a:ibm:websphere_portal:8.0.0.0
-
cpe:2.3:a:ibm:websphere_portal:8.0.0.1
-
cpe:2.3:a:ibm:websphere_portal:8.5.0.0