CVSS: 4.3EPSS: 0%CPEs: 48EXPL: 0CVE-2014-0951
https://notcve.org/view.php?id=CVE-2014-0951
Cross-site scripting (XSS) vulnerability in FilterForm.jsp in IBM WebSphere Portal 7.0 before 7.0.0.2 CF28 and 8.0 before 8.0.0.1 CF12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en FilterForm.jsp en IBM WebSphere Portal 7.0 anterior a 7.0.0.2 CF28 y 8.0 anterior a 8.0.0.1 CF12 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI15690 http://www-01.ibm.com/support/docview.wss?uid=swg21672572 https://exchange.xforce.ibmcloud.com/vulnerabilities/92624 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 58EXPL: 0CVE-2014-0952
https://notcve.org/view.php?id=CVE-2014-0952
Cross-site scripting (XSS) vulnerability in boot_config.jsp in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF28, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en boot_config.jsp en IBM WebSphere Portal 6.1.0 hasta 6.1.0.6 CF27, 6.1.5 hasta 6.1.5.3 CF28, 7.0 hasta 7.0.0.2 CF28 y 8.0 anterior a 8.0.0.1 CF12 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI16041 http://www-01.ibm.com/support/docview.wss?uid=swg21672572 https://exchange.xforce.ibmcloud.com/vulnerabilities/92625 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 59EXPL: 0CVE-2014-0956
https://notcve.org/view.php?id=CVE-2014-0956
Cross-site scripting (XSS) vulnerability in googlemap.jsp in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en googlemap.jsp en IBM WebSphere Portal 6.1.0 hasta 6.1.0.6 CF27, 6.1.5 hasta 6.1.5.3 CF27, 7.0 hasta 7.0.0.2 CF28 y 8.0 anterior a 8.0.0.1 CF12 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI16040 http://www-01.ibm.com/support/docview.wss?uid=swg21672572 https://exchange.xforce.ibmcloud.com/vulnerabilities/92629 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.0EPSS: 0%CPEs: 59EXPL: 0CVE-2014-0959
https://notcve.org/view.php?id=CVE-2014-0959
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote authenticated users to cause a denial of service (infinite loop) via a login redirect. IBM WebSphere Portal 6.1.0 hasta 6.1.0.6 CF27, 6.1.5 hasta 6.1.5.3 CF27, 7.0 hasta 7.0.0.2 CF28 y 8.0 anterior a 8.0.0.1 CF12 permite a usuarios remotos autenticados causar una denegación de servicio (bucle infinito) a través de una redirección de inicio de sesión. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI16462 http://www-01.ibm.com/support/docview.wss?uid=swg21672572 https://exchange.xforce.ibmcloud.com/vulnerabilities/92741 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 14EXPL: 0CVE-2014-0955
https://notcve.org/view.php?id=CVE-2014-0955
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0 before 8.0.0.1 CF12, when Social Rendering in Connections integration is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en IBM WebSphere Portal 8.0 anterior a 8.0.0.1 CF12, cuando Social Rendering en la integración de Connections está habilitado, permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI15583 http://www-01.ibm.com/support/docview.wss?uid=swg21672572 https://exchange.xforce.ibmcloud.com/vulnerabilities/92628 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •