2 matches found
Security Bulletin: Multiple Security Vulnerabilities in Jetspeed Affect IBM Sterling B2B Integrator
Summary There are multiple security vulnerabilities in Jetspeed that affect IBM Sterling B2B Integrator Vulnerability Details CVEID: CVE-2016-0711 DESCRIPTION: Apache Jetspeed is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the add a link, page, or...
CVE-2016-2171
CVE-2016-2171 affects Apache Jetspeed prior to 2.3.1, where the User Manager REST API fails to properly restrict access via Jetspeed Security. This allows a remote attacker to perform add, edit, or delete operations on users through the REST API. The IBM advisory consolidates multiple Jetspeed vu...