Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:jasig:uportal:4.0.13:*:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-3417 |
uPortal before 4.0.13.1 does not properly check the CONFIG permission, which allows remote authenticated users to configure portlets by leveraging the SUBSCRIBE permission for a portlet. Published: May 29, 2014; 10:19:08 AM -0400 |
V3.x:(not available) V2.0: 6.5 MEDIUM |
CVE-2014-3416 |
uPortal before 4.0.13.1 does not properly check the MANAGE permissions, which allows remote authenticated users to manage arbitrary portlets by leveraging the SUBSCRIBE permission for the portlet-admin portlet. Published: May 29, 2014; 10:19:08 AM -0400 |
V3.x:(not available) V2.0: 6.5 MEDIUM |