Vulnerabilities > IBM > Websphere Portal
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-12 | CVE-2018-1673 | Cross-site Scripting vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. | 6.1 |
| 2018-10-01 | CVE-2018-1672 | Improper Authentication vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the identity of a different user. | 6.3 |
| 2018-10-01 | CVE-2018-1420 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box configuration during Combined Cumulative Fix (CF) installation. | 6.5 |
| 2018-09-27 | CVE-2018-1820 | Cross-site Scripting vulnerability in IBM Websphere Portal IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. | 5.4 |
| 2018-09-27 | CVE-2018-1736 | Open Redirect vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
| 2018-09-27 | CVE-2018-1716 | Cross-site Scripting vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. | 6.1 |
| 2018-09-27 | CVE-2018-1660 | Cross-site Scripting vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. | 5.4 |
| 2018-07-11 | CVE-2013-2951 | Credentials Management vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0.0.x and 8.0.0.x write passwords to a trace file when tracing is enabled for the Selfcare Portlet (Profile Management), which allows local users to obtain sensitive information by reading the file. | 7.8 |
| 2018-04-17 | CVE-2018-1445 | Cross-site Scripting vulnerability in IBM Websphere Portal IBM WebSphere Portal 8.0.0 through 8.0.0.1, 8.5, and 9.0 is vulnerable to cross-site scripting. | 5.4 |
| 2018-04-11 | CVE-2018-1483 | Cross-site Scripting vulnerability in IBM Websphere Portal 8.5.0.0/9.0 IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. | 6.1 |