Vulnerabilities > IBM > Connections Portlets
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-08-08 | CVE-2016-2989 | Improper Access Control vulnerability in IBM Connections Portlets 5.0 Open redirect vulnerability in the Connections Portlets component 5.x before 5.0.2 for IBM WebSphere Portal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 5.8 |
2014-02-14 | CVE-2014-0855 | Cross-Site Scripting vulnerability in IBM Connections Portlets 4.0/4.5/4.5.1 Multiple cross-site scripting (XSS) vulnerabilities in IBM Connections Portlets 4.x before 4.5.1 FP1 for IBM WebSphere Portal 7.0.0.2 and 8.0.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |