Lucene search

[email protected]CVE-2015-7413

HistoryDec 21, 2015 - 11:59 a.m.

CVE-2015-7413

2015-12-2111:59:07

CWE-79

[email protected]

web.nvd.nist.gov

ibm

websphere

portal

xss

vulnerability

security

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.2%

JSON

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF19 and 8.5.0 through CF08 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

Affected configurations

NVD

Node

ibmwebsphere_portalMatch8.0.0.0

ibmwebsphere_portalMatch8.0.0.1

ibmwebsphere_portalMatch8.5.0.0

CPENameOperatorVersion
ibm:websphere_portalibm websphere portaleq8.0.0.0
ibm:websphere_portalibm websphere portaleq8.0.0.1
ibm:websphere_portalibm websphere portaleq8.5.0.0

CPE	Name	Operator	Version
ibm:websphere_portal	ibm websphere portal	eq	8.0.0.0
ibm:websphere_portal	ibm websphere portal	eq	8.0.0.1
ibm:websphere_portal	ibm websphere portal	eq	8.5.0.0

References

www-01.ibm.com/support/docview.wss?uid=swg1PI50844

www-01.ibm.com/support/docview.wss?uid=swg21970176

www.securitytracker.com/id/1034284

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.2%

JSON

Related for CVE-2015-7413

nvd1 prion1 cvelist1 openvas1