8 matches found
EUVD-2015-0233
Malware in sbrugna...
IBM Content Template Catalog for WebSphere Portal Cross-Site Scripting Vulnerability
IBM Content Template Catalog for WebSphere Portal is a set of Web site construction templates designed by the U.S. company IBM for the WebSphere Portal environment. A cross-site scripting vulnerability exists in IBM Content Template Catalog for WebSphere Portal. A remote attacker can exploit this...
Cross site scripting
Cross-site scripting XSS vulnerability in IBM Content Template Catalog 4.x before 4.1.4 for WebSphere Portal 8.0.x and 4.x before 4.3.1 for WebSphere Portal 8.5.x allows remote attackers to inject arbitrary web script or HTML via a crafted URL...
CVE-2015-0195
Cross-site scripting XSS vulnerability in IBM Content Template Catalog 4.x before 4.1.4 for WebSphere Portal 8.0.x and 4.x before 4.3.1 for WebSphere Portal 8.5.x allows remote attackers to inject arbitrary web script or HTML via a crafted URL...
CVE-2015-0195
CVE-2015-0195 details an XSS vulnerability in IBM Content Template Catalog for WebSphere Portal. Affected: IBM Content Template Catalog 4.x before 4.1.4 on WebSphere Portal 8.0.x and 4.x before 4.3.1 on WebSphere Portal 8.5.x. Attack vector: remote attacker can inject arbitrary script via a craft...
CVE-2013-4012
IBM WebSphere Portal 8.0.0.x before 8.0.0.1 CF09, when Content Template Catalog 4.0 is used, does not require administrative privileges for Portal Application Archive PAA file installation, which allows remote authenticated users to modify data or cause a denial of service via unspecified vectors...
Code injection
IBM WebSphere Portal 8.0.0.x before 8.0.0.1 CF09, when Content Template Catalog 4.0 is used, does not require administrative privileges for Portal Application Archive PAA file installation, which allows remote authenticated users to modify data or cause a denial of service via unspecified vectors...
CVE-2013-4012
IBM WebSphere Portal 8.0.0.x before 8.0.0.1 CF09 is vulnerable when Content Template Catalog 4.0 is used. The issue allows remote authenticated users to install Portal Application Archive (PAA) files without administrative privileges, potentially modifying data or causing a denial of service via ...