Lucene search
K

3 matches found

Cvelist
Cvelist
added 2014/04/02 1:0 a.m.27 views

CVE-2014-0828

Cross-site scripting XSS vulnerability in the WCM Web Content Manager UI in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF27, and 8.0.0.x before 8.0.0.1 CF11 allows remote attackers to inject arbitrary web script or HTML via unspecified...

5.5AI score0.01161EPSS
Exploits1References4
CVE
CVE
added 2014/04/02 1:0 a.m.54 views

CVE-2014-0828

CVE-2014-0828 is an XSS in IBM WebSphere Portal's Web Content Manager UI affecting WebSphere Portal 6.1.0.x (up to 6.1.0.6 CF27), 6.1.5.x (up to 6.1.5.3 CF27), 7.0.0.x (up to 7.0.0.2 CF27), and 8.0.0.x before 8.0.0.1 CF11. The root cause is insufficient input filtering in the WCM UI/Social Render...

4.3CVSS5.7AI score0.01161EPSS
Exploits1References4Affected Software1
seebug.org
seebug.org
added 2014/04/02 12:0 a.m.27 views

IBM WebSphere Portal Web Content Manager UI 跨站脚本漏洞

CVE ID:CVE-2014-0828 IBM WebSphere Portal提供了一个组合应用程序或业务mashup框架,并且提供了一种高级工具来构造灵活的,基于SOA的解决方案。 由于某些关于社会渲染功能的输入在返回用户前没有正确过滤,攻击者可以利用漏洞在受影响站点上下文的用户浏览器会话中执行任意HTML和脚本代码。 0 IBM WebSphere Portal 6.x IBM WebSphere Portal 7.x IBM WebSphere Portal 8.x IBM WebSphere Portal 8.0.0.1 CF11版本以修复此漏洞,建议用户下载使用:...

4.3CVSS6.6AI score0.01161EPSS
Exploits1
Rows per page
Query Builder