Computer Security
[EN] securityvulns.ru no-pyccku


IBM Web Content Manager information leakage
Published:09.01.2014
Source:
SecurityVulns ID:13509
Type:remote
Threat Level:
5/10
Description:It's possible to obtain configuration data.
Affected:IBM : WebSphere Portal 8.0
CVE:CVE-2013-6735 (IBM WebSphere Portal 6.0.0.x through 6.0.0.1, 6.0.1.x through 6.0.1.7, 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF26, and 8.0.0.x through 8.0.0.1 CF08 allows remote attackers to obtain sensitive Java Content Repository (JCR) information via a modified Web Content Manager (WCM) URL.)
Original documentdocumentSEC Consult Vulnerability Lab, SEC Consult SA-20131227-0 :: IBM Web Content Manager (WCM) XPath Injection (09.01.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod