) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:ibm:websphere_portal_unified_task_list_portlet:6.0.1:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2014-3057 |
Cross-site scripting (XSS) vulnerability in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Published: July 29, 2014; 4:55:08 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2014-3056 |
The Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allows remote attackers to obtain potentially sensitive information about environment variables and JAR versions via unspecified vectors. Published: July 29, 2014; 4:55:08 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2014-3055 |
SQL injection vulnerability in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: July 29, 2014; 4:55:08 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2014-3054 |
Multiple open redirect vulnerabilities in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. Published: July 29, 2014; 4:55:08 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.8 MEDIUM |