Cross-site scripting (XSS) vulnerability in the Active Content Filtering component in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF17, and 8.5.0 before CF06 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

The version of IBM WebSphere Portal installed on the remote Windows host is affected by a cross-site scripting vulnerability in the Active Content Filtering component due to improperly validating user-supplied input. A remote attacker can exploit this by creating a specially crafted URL designed to execute script code in the victim's web browser.

The version of IBM WebSphere Portal installed on the remote host is 8.0.0.x prior to 8.0.0.1 CF17. It is, therefore, affected by multiple vulnerabilities :

  - An unspecified flaw exists in the Outside In Filters     subcomponent. An attacker, using a specially crafted     DOCX file, can exploit this to corrupt memory, resulting     in a denial of service or the execution of arbitrary     code. (CVE-2015-0474)

  - An buffer overflow flaw exists in the Outside In Filters     subcomponent due to 'ibpsd2.dll' not properly validating     user-supplied input in PSD files. An attacker can     exploit this to cause a denial of service or possibly     execute arbitrary code. (CVE-2015-0493)

  - A flaw exists in the access control enforcement of the     JCR component that allows a remote, unauthenticated     attacker, using a specially crafted request, to gain     access to potentially sensitive information.
    (CVE-2015-1887)

  - A cross-site scripting vulnerability exists in the     Active Content Filtering component due to improperly     validating user-supplied input. A remote attacker can     exploit this by creating a specially crafted URL     designed to execute script code in the victim's web     browser. (CVE-2015-1917)

  - A flaw exists that allows a cross-site redirection     attack due to a failure to validate certain unspecified     input before returning it to the user. An attacker,     using specially crafted URL, can exploit this to     redirect victims to a website of the attacker's own     choosing. (CVE-2015-1921)     
  - A flaw exists that allows a reflected cross-site     scripting attack due to a failure to validate input     before returning it back to the user. A remote attacker,     using a crafted URL, can exploit this to execute code     or HTML within the user's browser. (CVE-2015-1944)

The version of IBM WebSphere Portal installed on the remote host is 8.5.0 prior to 8.5.0 CF06. It is, therefore, affected by multiple vulnerabilities :

  - An buffer overflow flaw exists in the Outside In Filters     subcomponent due to 'ibpsd2.dll' not properly validating     user-supplied input in PSD files. An attacker can     exploit this to cause a denial of service or possibly     execute arbitrary code. (CVE-2015-0493)

  - An unspecified flaw exists in the Remote Document     Conversion Service (DCS) that allows a remote attacker     to cause a denial of service. (CVE-2015-1886)

  - A flaw exists when handling a specially crafted request     that allows a remote attacker to use too many available     resources, resulting in a denial of service.
    (CVE-2015-1899)

  - A flaw exists that allows a reflected cross-site     scripting attack due to a failure to validate input     before returning it back to the user. A remote attacker,     using a crafted URL, can exploit this to execute code     or HTML within the user's browser. (CVE-2015-1908,     CVE-2015-1944)

  - A cross-site scripting vulnerability exists in the     Active Content Filtering component due to improperly     validating user-supplied input. A remote attacker can     exploit this by creating a specially crafted URL     designed to execute script code in the victim's web     browser. (CVE-2015-1917)

  - A flaw exists that allows a cross-site redirection     attack due to a failure to validate certain unspecified     input before returning it to the user. An attacker,     using specially crafted URL, can exploit this to     redirect victims to a website of the attacker's own     choosing. (CVE-2015-1921)

  - An unspecified flaw exists that is trigged when handling     Portal requests. A remote attacker can exploit this to     cause a consumption of CPU resources, resulting in a     denial of service condition. (CVE-2015-1943)

ID	Name	Product	Family	Severity
84573	IBM WebSphere Portal Active Content Filtering XSS (PI38732)	Nessus	CGI abuses	medium
84571	IBM WebSphere Portal 8.0.0.x < 8.0.0.1 CF17 Multiple Vulnerabilities	Nessus	CGI abuses	medium
83872	IBM WebSphere Portal 8.5.0 < 8.5.0 CF06 Multiple Vulnerabilities	Nessus	CGI abuses	medium

Detections

Analytics

CVE-2015-1917

medium

Tenable Plugins

medium

medium

medium