Page 11 of 66 results (0.007 seconds)

CVSS: 3.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2015-0139

https://notcve.org/view.php?id=CVE-2015-0139

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF15 and 8.5.0 before CF05 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. Vulnerabilidad de XSS en IBM WebSphere Portal 8.0.0 hasta 8.0.0.1 CF15 y 8.5.0 anterior a CF05 permite a usuarios remotos autenticados inyectar secuencias de comandos web arbitrarios o HTML a través de una URL manipulada. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI33329 http://www-01.ibm.com/support/docview.wss?uid=swg21697213 http://www.securitytracker.com/id/1031880 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-0177

https://notcve.org/view.php?id=CVE-2015-0177

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 before CF05 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. Vulnerabilidad de XSS en IBM WebSphere Portal 8.5.0 anterior a CF05 permite a usuarios remotos autenticados inyectar secuencias de comandos arbitrarios o HTML a través de una URL manipulada. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI35228 http://www-01.ibm.com/support/docview.wss?uid=swg21697213 http://www.securitytracker.com/id/1031880 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2014-6214

https://notcve.org/view.php?id=CVE-2014-6214

Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF15 and 8.5.0 before CF05 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. Vulnerabilidad de CSRF en IBM WebSphere Portal 8.0.0 hasta 8.0.0.1 CF15 y 8.5.0 anterior a CF05 permite a atacantes remotos secuestrar la autenticación de usuarios arbitrarios para solicitudes que insertan secuencias de XSS. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI34987 http://www-01.ibm.com/support/docview.wss?uid=swg21697213 http://www.securitytracker.com/id/1031880 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 4.3EPSS: 0%CPEs: 17EXPL: 0

CVE-2014-6171

https://notcve.org/view.php?id=CVE-2014-6171

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 through 8.0.0.1 CF14, and 8.5.0 before CF04 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Vulnerabilidad de XSS en IBM WebSphere Portal 6.1.0 hasta 6.1.0.6 CF27, 6.1.5 hasta 6.1.5.3 CF27, 7.0.0 hasta 7.0.0.2 CF29, 8.0.0 hasta 8.0.0.1 CF14 y 8.5.0 anteriores a CF04 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de URL manipuladas. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI29134 http://www-01.ibm.com/support/docview.wss?uid=swg21692107 https://exchange.xforce.ibmcloud.com/vulnerabilities/98383 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 17EXPL: 0

CVE-2014-8902

https://notcve.org/view.php?id=CVE-2014-8902

Cross-site scripting (XSS) vulnerability in the Blog Portlet in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 through 8.0.0.1 CF14, and 8.5.0 before CF04 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Vulnerabilidad de XSS en el Portlet de Blog en IBM WebSphere Portal 6.1.0 hasta 6.1.0.6 CF27, 6.1.5 hasta 6.1.5.3 CF27, 7.0.0 hasta 7.0.0.2 CF29, 8.0.0 hasta 8.0.0.1 CF14 y 8.5.0 anteriores a CF04 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de una URL manipulada. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI29956 http://www-01.ibm.com/support/docview.wss?uid=swg21692107 https://exchange.xforce.ibmcloud.com/vulnerabilities/99150 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •