Ibm: >> Websphere Portal >> 9.0.0.0 Security Vulnerabilities
IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138437.
CVSS Score
6.1
EPSS Score
0.004
Published
2018-02-09
IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 137158.
CVSS Score
6.1
EPSS Score
0.004
Published
2018-01-11
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could reveal sensitive information from an error message that could lead to further attacks against the system. IBM X-Force ID: 124390.
CVSS Score
5.3
EPSS Score
0.003
Published
2017-12-27
IBM WebSphere Portal 8.5 and 9.0 exposes backend server URLs that are configured for usage by the Web Application Bridge component. IBM X-Force ID: 127476.
CVSS Score
5.3
EPSS Score
0.002
Published
2017-12-20
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 132117.
CVSS Score
7.5
EPSS Score
0.015
Published
2017-09-28
Page 2