Open redirect

2010-02-2619:30:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.2%

JSON

Open redirect vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the query string.

CPENameOperatorVersion
lotus_quickreq8.1
lotus_quickreq8.1.1.1
lotus_quickreq8.0.0.2
lotus_quickreq8.0
lotus_quickreq8.1.1
lotus_web_content_managementeq6.1.0.2
lotus_web_content_managementeq6.0.1.4
lotus_web_content_managementeq6.0.1.5
lotus_web_content_managementeq5.1.0.4
lotus_web_content_managementeq6.0.0.1

Name	Operator	Version
lotus_quickr	eq	8.1
lotus_quickr	eq	8.1.1.1
lotus_quickr	eq	8.0.0.2
lotus_quickr	eq	8.0
lotus_quickr	eq	8.1.1
lotus_web_content_management	eq	6.1.0.2
lotus_web_content_management	eq	6.0.1.4
lotus_web_content_management	eq	6.0.1.5
lotus_web_content_management	eq	5.1.0.4
lotus_web_content_management	eq	6.0.0.1

Rows per page:

1-10 of 771

References

www-01.ibm.com/support/docview.wss?uid=swg21421469

www.hacktics.com/content/advisories/AdvIBM20100224.html

www.securityfocus.com/archive/1/509744/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/56602