Ibm Corporation Websphere Portal vulnerabilities

CVE-2017-1156 [HIGH] CWE-601 CVE-2017-1156: IBM WebSphere Portal 8.5 and 9.0 could allow a remote attacker to conduct phishing attacks, using an IBM WebSphere Portal 8.5 and 9.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow

CVE-2017-1120 [MEDIUM] CWE-79 CVE-2017-1120: IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows us IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 2000152.

CVE-2016-8936 [MEDIUM] CWE-79 CVE-2016-8936: IBM Social Rendering Templates for Digital Data Connector is vulnerable to cross-site scripting. Thi IBM Social Rendering Templates for Digital Data Connector is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2016-8922 [MEDIUM] CWE-79 CVE-2016-8922: Exphox WebRadar is vulnerable to cross-site scripting. This vulnerability allows users to embed arbi Exphox WebRadar is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.