CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2011-2172
https://notcve.org/view.php?id=CVE-2011-2172
Cross-site scripting (XSS) vulnerability in the search center in IBM WebSphere Portal 7.0.0.1 before CF004 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el centro de búsqueda IBM WebSphere Portal v7.0.0.1 anteriores a CF004 permite a atacantes remotos inyectar script de su elección o HTML a través de vectores no especificados. • http://osvdb.org/72500 http://secunia.com/advisories/44700 http://www-01.ibm.com/support/docview.wss?uid=swg1PM36644 http://www-01.ibm.com/support/docview.wss?uid=swg1PM37009 http://www.ibm.com/support/docview.wss?uid=swg24029452 http://www.securityfocus.com/bid/47954 https://exchange.xforce.ibmcloud.com/vulnerabilities/67594 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2011-2173
https://notcve.org/view.php?id=CVE-2011-2173
The implementation of OutputMediator objects in IBM WebSphere Portal 6.0.1.7, and 7.0.0.1 before CF002, allows remote authenticated users to cause a denial of service (memory consumption) via requests. La implementación de objetos OutputMediator en IBM WebSphere Portal v6.0.1.7, v7.0.0.1 y anteriores a CF002, permite a usuarios remotos autenticados causar una denegación de servicio (consumo de memoria) a través de peticiones. • http://www-01.ibm.com/support/docview.wss?uid=swg1PM33432 http://www.ibm.com/support/docview.wss?uid=swg24029452 https://exchange.xforce.ibmcloud.com/vulnerabilities/67687 • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 0%CPEs: 13EXPL: 0CVE-2011-0679
https://notcve.org/view.php?id=CVE-2011-0679
IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web Content Management (WCM) and IBM Lotus Quickr for WebSphere Portal, allows remote attackers to obtain sensitive information via a "modified message." IBM WebSphere Portal v6.0.1.1 hasta v7.0.0.0, como el utilizado en IBM Lotus Web Content Management (WCM) e IBM Lotus Quickr para WebSphere Portal, permite a atacantes remotos obtener información sensible a través de un "mensaje modificado." • http://osvdb.org/70688 http://secunia.com/advisories/43081 http://www-01.ibm.com/support/docview.wss?uid=swg1PM22159 http://www-01.ibm.com/support/docview.wss?uid=swg1PM22167 http://www-01.ibm.com/support/docview.wss?uid=swg1PM24319 http://www-01.ibm.com/support/docview.wss?uid=swg1PM24320 http://www-01.ibm.com/support/docview.wss? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2010-4219
https://notcve.org/view.php?id=CVE-2010-4219
Cross-site scripting (XSS) vulnerability in SemanticTagService.js in IBM WebSphere Portal 6.1.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information. Vulnerabilidad de secuencias de comandos en sitios cruzados en SemanticTagService.js en IBM WebSphere Portal v6.1.0.1 permite a atacantes remotos inyecatar código web o HTML a través de vectores no especificados. NOTA: NOTA: algunos de estos detalles han sido obtenidos de terceras partes. • http://www-01.ibm.com/support/docview.wss?uid=swg1PK91972 http://www.vupen.com/english/advisories/2010/2827 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2010-1348
https://notcve.org/view.php?id=CVE-2010-1348
Unspecified vulnerability in the login process in IBM WebSphere Portal 6.0.1.1, and 6.1.0.x before 6.1.0.3 Cumulative Fix 03, has unknown impact and remote attack vectors. Vulnerabilidad inespecífica en el proceso de inicio de sesión en IBM WebSphere Portal v6.0.1.1, y v6.1.0.x anteriores a v6.1.0.3 Cumulative Fix 03, tiene impacto y vectores desconocidos. • http://osvdb.org/63594 http://secunia.com/advisories/39305 http://www-01.ibm.com/support/docview.wss?uid=swg1PM08667 http://www.securityfocus.com/bid/39306 http://www.securitytracker.com/id?1023830 http://www.vupen.com/english/advisories/2010/0829 https://exchange.xforce.ibmcloud.com/vulnerabilities/57613 •