CVSS: 2.1EPSS: 0%CPEs: 44EXPL: 0CVE-2011-1356
https://notcve.org/view.php?id=CVE-2011-1356
IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 before 7.0.0.19 allows local users to obtain sensitive stack-trace information via a crafted Administration Console request. IBM WebSphere Application Server (WAS) v6.1 y anteriores a v6.1.0.39 y v7 y anteriores a v7.0.0.19 permite a usuarios locales obtener pilas de información de seguimiento a través de una solicitud diseñada para ello de la consola de administración. • http://www.ibm.com/support/docview.wss?uid=swg1PM36620 http://www.ibm.com/support/docview.wss?uid=swg1PM42436 http://www.securityfocus.com/bid/48709 https://exchange.xforce.ibmcloud.com/vulnerabilities/68571 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.8EPSS: 0%CPEs: 44EXPL: 0CVE-2011-1355
https://notcve.org/view.php?id=CVE-2011-1355
Open redirect vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 before 7.0.0.19 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the logoutExitPage parameter. Vulnerabilidad "Open redirect" en IBM WebSphere Application Server (WAS) v6.1 anterior a v6.1.0.39 y v7.0 anterior a 7.0.0.19 permite a atacantes remotos redirigir a los usuarios a sitios web arbitrarios y llevar a cabo ataques de phishing a través del parámetro logoutExitPage. • http://www.ibm.com/support/docview.wss?uid=swg1PM35701 http://www.ibm.com/support/docview.wss?uid=swg1PM42436 https://exchange.xforce.ibmcloud.com/vulnerabilities/68570 • CWE-20: Improper Input Validation •