2 matches found
CVE-2014-6196
The CVE-2014-6196 entry affects IBM Web Experience Factory (WEF) versions 6.1.5 through 8.5.0.1, as used in WebSphere Dashboard Framework (WDF) and Lotus Widget Factory (LWF). The root cause is a Dojo builder error in an unspecified WebSphere Portal configuration, which leads to improper construc...
CVE-2011-5048
IBM Web Experience Factory (WEF, aka WebSphere Portlet Factory) versions 7.0 and 7.0.1 are reported vulnerable to multiple XSS issues. The vulnerabilities allow remote attackers to inject arbitrary script/HTML through (1) text INPUT elements and (2) TEXTAREA elements, with the issue described as ...