Every CVE whose affected-product data names Ibm Websphere Portal, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (126)
CVE-2008-5675 — CVSS 10.0 (critical): Unspecified vulnerability in IBM WebSphere Portal 6.0 before 6.0.1.5 has unknown impact and attack vectors related to "Access problems with…
CVE-2016-2901 — CVSS 8.8 (high): Cross-site request forgery (CSRF) vulnerability in the PA_Theme_Creator application in IBM WebSphere Portal 8.5 CF08 through CF10 and Web…
CVE-2017-1156 — CVSS 8.8 (high): IBM WebSphere Portal 8.5 and 9.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a…
CVE-2015-7419 — CVSS 7.8 (high): IBM WebSphere Portal 8.0.0.1 before CF19 and 8.5.0 before CF09 allows remote attackers to cause a denial of service (memory consumption)…
CVE-2013-2951 — CVSS 7.8 (high): IBM WebSphere Portal 7.0.0.x and 8.0.0.x write passwords to a trace file when tracing is enabled for the Selfcare Portlet (Profile…
CVE-2015-1943 — CVSS 7.8 (high): IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 CF17, and…
CVE-2015-1899 — CVSS 7.8 (high): IBM WebSphere Portal 8.5 through CF05 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.
CVE-2015-1886 — CVSS 7.8 (high): The Remote Document Conversion Service (DCS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through…
CVE-2008-3423 — CVSS 7.5 (high): IBM WebSphere Portal 5.1 through 6.1.0.0 allows remote attackers to bypass authentication and obtain administrative access via unspecified…
CVE-2014-3055 — CVSS 7.5 (high): SQL injection vulnerability in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allows remote…
CVE-2009-4153 — CVSS 7.5 (high): Unspecified vulnerability in the XMLAccess component in IBM WebSphere Portal 6.1.x before 6.1.0.3 has unknown impact and attack vectors…
CVE-2010-1348 — CVSS 7.5 (high): Unspecified vulnerability in the login process in IBM WebSphere Portal 6.0.1.1, and 6.1.0.x before 6.1.0.3 Cumulative Fix 03, has unknown…
CVE-2017-1577 — CVSS 7.5 (high): IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. An attacker could send a…
CVE-2018-1736 — CVSS 7.4 (high): IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By…
CVE-2015-7428 — CVSS 7.4 (high): Open redirect vulnerability in IBM WebSphere Portal 8.0.x before 8.0.0.1 CF20 and 8.5.x before 8.5.0.0 CF09 allows remote attackers to…
CVE-2015-7472 — CVSS 7.2 (high): IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF20, and…
CVE-2014-0918 — CVSS 7.1 (high): Directory traversal vulnerability in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through…
CVE-2014-6214 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF15 and 8.5.0 before CF05 allows remote…
CVE-2015-4997 — CVSS 6.8 (medium): IBM WebSphere Portal 8.5.0 before CF08 allows remote attackers to bypass intended access restrictions via a crafted request.
CVE-2014-0954 — CVSS 6.8 (medium): IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 does not…
CVE-2014-6125 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Portal 8.5.0 before CF03 allows remote attackers to hijack the…
CVE-2010-0715 — CVSS 6.8 (medium): Open redirect vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web…
CVE-2014-4808 — CVSS 6.5 (medium): Unspecified vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0…
CVE-2016-5954 — CVSS 6.5 (medium): IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF30, 8.0.0 through 8.0.0.1 CF21, and…
CVE-2015-1921 — CVSS 6.4 (medium): Open redirect vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF17 and 8.5.0 before CF06 allows remote attackers to redirect…
CVE-2007-3128 — CVSS 6.4 (medium): SQL injection vulnerability in content.php in WSPortal 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary…
CVE-2016-0209 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 before CF09 allows remote attackers to inject arbitrary web script…
CVE-2017-1217 — CVSS 6.1 (medium): IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code…
CVE-2018-1416 — CVSS 6.1 (medium): IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2017-1303 — CVSS 6.1 (medium): IBM WebSphere Portal and Web Content Manager 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users…
CVE-2016-0244 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.x through…
CVE-2016-0243 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.x through…
CVE-2017-1189 — CVSS 6.1 (medium): IBM WebSphere Portal and Web Content Manager 6.1, 7.0, and 8.0 is vulnerable to cross-site scripting. This vulnerability allows users to…
CVE-2018-1483 — CVSS 6.1 (medium): IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code…
CVE-2015-7457 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.x before 8.0.0.1 CF20 and 8.5.x before 8.5.0.0 CF09 allows remote…
CVE-2015-4993 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through…
CVE-2017-1761 — CVSS 6.1 (medium): IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2018-1716 — CVSS 6.1 (medium): IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2017-1120 — CVSS 6.1 (medium): IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code…
CVE-2016-8922 — CVSS 6.1 (medium): Exphox WebRadar is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI…
CVE-2018-1361 — CVSS 6.1 (medium): IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code…
CVE-2015-4998 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through…
CVE-2018-1401 — CVSS 6.1 (medium): IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript…
CVE-2018-1673 — CVSS 6.1 (medium): IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2014-3054 — CVSS 5.8 (medium): Multiple open redirect vulnerabilities in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12…
CVE-2014-0958 — CVSS 5.8 (medium): Open redirect vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and…
CVE-2013-6722 — CVSS 5.8 (medium): Unrestricted file upload vulnerability in the Registration/Edit My Profile portlet in IBM WebSphere Portal 7.x before 7.0.0.2 CF27 and 8.x…
CVE-2014-4760 — CVSS 5.8 (medium): Open redirect vulnerability in IBM WebSphere Portal 6.1.0.0 through 6.1.0.6 CF27, 6.1.5.0 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF28…
CVE-2016-0245 — CVSS 5.4 (medium): The XML parser in IBM WebSphere Portal 8.0.x before 8.0.0.1 CF20 and 8.5.x before 8.5.0.0 CF10 allows remote authenticated users to read…
CVE-2017-1536 — CVSS 5.4 (medium): IBM Support Tools for Lotus WCM (IBM WebSphere Portal 7.0, 8.0, 8.5 and 9.0) is vulnerable to cross-site scripting. This vulnerability…
CVE-2016-2925 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.x through…
CVE-2018-1820 — CVSS 5.4 (medium): IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript…
CVE-2015-7491 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.x before 8.0.0.1 CF20 and 8.5.x before 8.5.0.0 CF09 allows remote…
CVE-2018-1444 — CVSS 5.4 (medium): IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code…
CVE-2018-1660 — CVSS 5.4 (medium): IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2018-1445 — CVSS 5.4 (medium): IBM WebSphere Portal 8.0.0 through 8.0.0.1, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed…
CVE-2018-1420 — CVSS 5.3 (medium): IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box configuration during Combined Cumulative…
CVE-2015-7447 — CVSS 5.3 (medium): IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF20, and…
CVE-2017-1698 — CVSS 5.3 (medium): IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could reveal sensitive information from an error message that could lead to further attacks…
CVE-2017-1423 — CVSS 5.3 (medium): IBM WebSphere Portal 8.5 and 9.0 exposes backend server URLs that are configured for usage by the Web Application Bridge component. IBM…
CVE-2007-3127 — CVSS 5.0 (medium): content.php in WSPortal 1.0, when magic_quotes_gpc is disabled, allows remote attackers to obtain sensitive information via a "';" (quote…
CVE-2011-0679 — CVSS 5.0 (medium): IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web Content Management (WCM) and IBM Lotus Quickr for WebSphere Portal…
CVE-2012-2181 — CVSS 5.0 (medium): Directory traversal vulnerability in the Dojo module in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF14, and 8.0, allows remote…
CVE-2012-4834 — CVSS 5.0 (medium): Directory traversal vulnerability in LayerLoader.jsp in the theme component in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF19 and 8.0…
CVE-2013-3016 — CVSS 5.0 (medium): IBM WebSphere Portal 6.1, 7.0, and 8.0 allows remote attackers to access the user directory via a crafted request for a servlet, related to…
CVE-2013-6723 — CVSS 5.0 (medium): IBM WebSphere Portal 8.0.0.1 before CF09 does not properly handle references in compute="always" Web Content Manager (WCM) navigator…
CVE-2013-6735 — CVSS 5.0 (medium): IBM WebSphere Portal 6.0.0.x through 6.0.0.1, 6.0.1.x through 6.0.1.7, 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x…
CVE-2014-0949 — CVSS 5.0 (medium): IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows…
CVE-2014-3056 — CVSS 5.0 (medium): The Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allows remote attackers to obtain potentially…
CVE-2014-4746 — CVSS 5.0 (medium): IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF13 and 8.5.0 through CF01 provides different error codes for firewall-traversal requests…
CVE-2014-4821 — CVSS 5.0 (medium): IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 through 8.0.0.1 CF14, and 8.5.0…
CVE-2014-8912 — CVSS 5.0 (medium): IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 through 8.0.0.1 CF18, and…
CVE-2015-1887 — CVSS 5.0 (medium): IBM WebSphere Portal 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF17, and 8.5.0 before CF06 allows remote attackers to obtain…
CVE-2018-1672 — CVSS 5.0 (medium): IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 may fail to set the correct user context in certain impersonation scenarios, which can allow a…
CVE-2014-6193 — CVSS 4.9 (medium): IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF14 and 8.5.0 before CF04, when the Managed Pages setting is enabled, allows remote…
CVE-2013-4012 — CVSS 4.9 (medium): IBM WebSphere Portal 8.0.0.x before 8.0.0.1 CF09, when Content Template Catalog 4.0 is used, does not require administrative privileges for…
CVE-2009-1008 — CVSS 4.4 (medium): Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect…
CVE-2009-1010 — CVSS 4.4 (medium): Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect…
CVE-2009-1009 — CVSS 4.4 (medium): Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.1.9 allows local users to affect…
CVE-2014-6126 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 before CF03 allows remote attackers to inject arbitrary web script…
CVE-2013-0549 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Web Content Manager - Web Content Viewer Portlet in the server in IBM WebSphere Portal…
CVE-2014-8902 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Blog Portlet in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3…
CVE-2015-1908 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through…
CVE-2015-1917 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Active Content Filtering component in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27…
CVE-2014-6171 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through…
CVE-2014-0956 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in googlemap.jsp in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27…
CVE-2014-0955 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0 before 8.0.0.1 CF12, when Social Rendering in Connections integration…
CVE-2014-0953 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0.0 through 6.1.0.6 CF27, 6.1.5.0 through 6.1.5.3 CF27, 7.0.0 through…
CVE-2014-0952 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in boot_config.jsp in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF28…
CVE-2014-0951 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in FilterForm.jsp in IBM WebSphere Portal 7.0 before 7.0.0.2 CF28 and 8.0 before 8.0.0.1 CF12…
CVE-2014-0917 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5…
CVE-2014-0828 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the WCM (Web Content Manager) UI in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x…
CVE-2013-6730 — CVSS 4.3 (medium): IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x before 7.0.0.2 CF27, and 8.0.0.x before 8.0.0.1…
CVE-2013-6328 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Web Content Manager (WCM) UI in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x…
CVE-2013-6316 — CVSS 4.3 (medium): IBM WebSphere Portal 7.0.0.x before 7.0.0.2 CF26 and 8.0.0.x before 8.0.0.1 CF09 does not properly handle content-selection changes during…
CVE-2013-5454 — CVSS 4.3 (medium): IBM WebSphere Portal 6.0 through 6.0.1.7, 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF25, and 8.0 through…
CVE-2013-0587 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere Portal before 8.0.0.1 CF07 allow remote attackers to inject arbitrary…
CVE-2011-2754 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the PageBuilder2 (aka Page Builder) theme in IBM WebSphere Portal 7.x before 7.0.0.1 CF006, as…
CVE-2011-2172 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the search center in IBM WebSphere Portal 7.0.0.1 before CF004 allows remote attackers to…
CVE-2010-4219 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in SemanticTagService.js in IBM WebSphere Portal 6.1.0.1 allows remote attackers to inject…
CVE-2010-0714 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus…
CVE-2010-0704 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Portlet Palette in IBM WebSphere Portal 6.0.1.5 wp6015_008_01 allows remote attackers to…
CVE-2009-4152 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Collaboration component in IBM WebSphere Portal 6.1.x before 6.1.0.3 allows remote…
CVE-2009-0899 — CVSS 4.3 (medium): IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.24 and 7.0 through 7.0.0.4, IBM WebSphere Portal Server 5.1 through 6.0, and IBM…
CVE-2015-5001 — CVSS 4.3 (medium): IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF19, and…
CVE-2015-7413 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF19 and 8.5.0 through CF08 allows remote attackers…
CVE-2014-3057 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12…
CVE-2014-4761 — CVSS 4.0 (medium): IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 before 8.0.0.1 CF14, and 8.5.0…
CVE-2014-0959 — CVSS 4.0 (medium): IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows…
CVE-2014-4792 — CVSS 4.0 (medium): IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF28, 8.0.0 through 8.0.0.1 CF13, and…
CVE-2011-2173 — CVSS 4.0 (medium): The implementation of OutputMediator objects in IBM WebSphere Portal 6.0.1.7, and 7.0.0.1 before CF002, allows remote authenticated users…
CVE-2014-6215 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 before…
CVE-2015-0177 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 before CF05 allows remote authenticated users to inject arbitrary…
CVE-2014-8909 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x…
CVE-2014-4762 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF13 and 8.5.0 before CF02 allows remote…
CVE-2014-3102 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.0 through 7.0.0.2 CF28 and 8.0.0 before 8.0.0.1 CF13 allows remote…
CVE-2014-4814 — CVSS 3.5 (low): IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 through 8.0.0.1 CF14, and 8.5.0…
CVE-2015-0139 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF15 and 8.5.0 before CF05 allows remote…
CVE-2013-5379 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.x before 7.0.0.2 CF25 and 8.x before 8.0.0.1 CF8 allows remote…
CVE-2013-5378 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.x before 8.0.0.1 CF8 allows remote authenticated users to inject…
CVE-2014-6093 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.x before 7.0.0.2 CF29, 8.0.x through 8.0.0.1 CF14, and 8.5.x before…
CVE-2013-2950 — CVSS 3.5 (low): CRLF injection vulnerability in IBM WebSphere Portal 6.1.0.x before 6.1.0.3 CF26, 6.1.5.x before 6.1.5 CF26, 7.0.0.x before 7.0.0.2 CF21…
CVE-2015-1944 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF17 and 8.5.0 before CF06 allows remote…
CVE-2014-0910 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0.0 through 6.1.0.6 CF27, 6.1.5.0 through 6.1.5.3 CF27, and 7.0.0…
CVE-2014-0901 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in the Social Rendering implementation in the IBM Connections integration in IBM WebSphere Portal…
CVE-2015-7455 — CVSS 3.1 (low): IBM WebSphere Portal 7.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 CF20, and 8.5.x before 8.5.0.0 CF09 uses weak permissions for content…