CVE-2011-1355Improper Input Validation in IBM Websphere Application Server

CWE-20Improper Input Validation3 documents3 sources
Severity
5.8MEDIUMNVD
EPSS
0.5%
top 32.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Websphere Application Server
Timeline
PublishedJul 19
Latest updateMay 17

Description

Open redirect vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 before 7.0.0.19 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the logoutExitPage parameter.

CVSS vector

AV:N/AC:M/C:N/I:P/A:PExploitability: 8.6 | Impact: 4.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-47pg-c4cm-269h: Open redirect vulnerability in IBM WebSphere Application Server (WAS) 62022-05-17
CVEList
CVE-2011-1355: Open redirect vulnerability in IBM WebSphere Application Server (WAS) 62011-07-19
CVE-2011-1355 — Improper Input Validation in IBM | cvebase