Open Redirect Vulnerability in IBM WebSphere Portal
CVE-2016-2989
6.5MEDIUM
Summary
The Connections Portlets component in IBM WebSphere Portal versions prior to 5.0.2 is susceptible to an open redirect vulnerability. This flaw permits remote attackers to redirect users to arbitrary external websites, potentially enabling them to execute phishing attacks. Attackers can exploit this issue through unspecified vectors, which may compromise user trust and lead to unauthorized access to sensitive information. Organizations using affected versions are advised to upgrade to the latest version to mitigate this risk.
References
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved