- Home
- CVEs with nessus.description==The version of IBM WebSphere Portal on the remote host is affected by multiple vulnerabilities :
- An information disclosure vulnerability exists in the HttpClient component of the Apache HttpComponents library. An attacker can exploit this issue by sending a Proxy-Authorization header to retrieve a user's password. (CVE-2011-1498)
- An unspecified cross-site scripting vulnerability exists due to improper validation of user input. An attacker can exploit this issue to execute code in the security context of a user's browser.
(CVE-2014-3102)
- An information disclosure vulnerability exists due to the returned error codes which an attacker can use to identify devices behind a firewall. (CVE-2014-4746)
- An unspecified open redirect vulnerability exists that can allow an attacker to perform a phishing attack by enticing a user to click on a malicious URL.
(CVE-2014-4760)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top