Vulnerabilities > IBM > Websphere Portal > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-12 | CVE-2018-1673 | Cross-site Scripting vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. | 6.1 |
| 2018-10-01 | CVE-2018-1672 | Improper Authentication vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the identity of a different user. | 6.3 |
| 2018-10-01 | CVE-2018-1420 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box configuration during Combined Cumulative Fix (CF) installation. | 6.5 |
| 2018-09-27 | CVE-2018-1820 | Cross-site Scripting vulnerability in IBM Websphere Portal IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. | 5.4 |
| 2018-09-27 | CVE-2018-1736 | Open Redirect vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
| 2018-09-27 | CVE-2018-1716 | Cross-site Scripting vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. | 6.1 |
| 2018-09-27 | CVE-2018-1660 | Cross-site Scripting vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. | 5.4 |
| 2018-04-17 | CVE-2018-1445 | Cross-site Scripting vulnerability in IBM Websphere Portal IBM WebSphere Portal 8.0.0 through 8.0.0.1, 8.5, and 9.0 is vulnerable to cross-site scripting. | 5.4 |
| 2018-04-11 | CVE-2018-1483 | Cross-site Scripting vulnerability in IBM Websphere Portal 8.5.0.0/9.0 IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. | 6.1 |
| 2018-03-14 | CVE-2018-1444 | Cross-site Scripting vulnerability in IBM Websphere Portal 8.5.0.0/9.0.0.0 IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. | 5.4 |